Data Security

Melanin Money, LLC understands that the confidentiality, integrity and availability of our customers’ information is vital and very important. To protect that key information, we use a multi-layered approach and constantly monitor and improve our application, systems and processes to quickly address potential security demands and challenges.

SECURE DATA CENTERS AND CONNECTIONS

Our data service is stored in dedicated spaces at top-tier data centers. These facilities provide a number of data protection and recovery services, including:

SECURE DATA TRANSMISSION AND SESSIONS

Connection to the Melanin Money or MyWealthHealth environment via SSL 3.0/TLS 1.0, using global step-up certificates from Symantec (formerly VeriSign) and other trusted certificate authorities, ensuring users have a secure connection from their browsers to our service

Individual user sessions identified and re-verified with each transaction, using a unique token created at login

GUARANTEED NETWORK PROTECTION

• Perimeter firewalls and edge routers block unused protocols

Internal firewalls segregate traffic between the application and database tiers

Intrusion detection sensors throughout the internal network report events to a security event management system for logging, alerts and reports

A third-party service provider scans the network externally and alerts us of changes in baseline configuration

RELIABLE DISASTER RECOVERY AND DATA BACKUP PROTOCOLS

Real-time replication to disk at each data center, and hourly data replication between the production data center and the disaster recovery center

Data transmitted across encrypted links

Data is backed up using EMC Data Domain on a weekly rotating schedule of incremental and full backups

Backups are sent electronically over secure links to secure secondary data center for offsite storage

Annual disaster recovery tests verify our projected recovery times and the integrity of the customer data

BUILDING ACCESS CONTROL AND PHYSICAL SECURITY PROTOCOLS

• 24-hour manned security, including foot patrols and perimeter inspections

• Video surveillance throughout facility and perimeter

• Biometric scanning for access

Dedicated, concrete-walled data center rooms

Computing equipment in access-controlled steel locked racks

Building engineered for local seismic, storm, and flood risks

Tracking of asset removal

ENVIRONMENTAL CONTROLS

• Humidity and temperature control

• Redundant (N+1) cooling system

FIRE DETECTION AND SUPPRESSION

• VESDA (very early smoke detection apparatus)

• Dual-alarmed, dual-interlock, multi-zone, pre-action dry pipe water-based fire suppression

PROTECTED POWER SOURCE AND BACKUP SYSTEMS

• Underground utility power feed

• Redundant (N+1) CPS/UPS systems

Redundant power distribution units (PDUs)

Redundant (N+1) diesel generators with on-site diesel fuel storage

NETWORK CONNECTION RELIABILITY

• Redundant internal networks

• Network neutral, connecting to all major carriers and located near major Internet hubs

High bandwidth capacity

INTERNAL AND THIRD-PARTY TESTING AND ASSESSMENT

In addition, eMoney Advisor regularly tests and monitors all systems, data and personnel for potential security risks:

STRICT INTERNAL MONITORING

• Information Security department tests all code for security vulnerabilities before release and continually monitors notifications and alerts from internal systems to identify and manage threats

PERSONNEL YOU CAN TRUST

• Comprehensive background checks conducted on all employees as a condition of employment

ANNUAL THIRD-PARTY ASSESSMENTS

• Application vulnerability threat assessments

Network vulnerability threat assessments

Selected penetration testing and code review

Security control framework review and testing

Combined, our internal and external data and systems security protocols offer protection you and can trust.

Melanin Money © 2022. All rights reserved.