WealthCounsel Member Website Security Policy

Overview of Security Practices, Policies and Procedures

WealthCounsel is committed to maintaining a secure member website environment including access to any application(s) associated with the site.  Accordingly, WealthCounsel follows the principle of “least privilege,” meaning we do not grant roles or privileges that are unnecessary.  In addition,  our authentication and authorization are built into the database itself - not just at the application layer.   This means that all database access is password protected and prohibited except for authenticated users with specific roles that grant them access. Each role is limited in what it can do in the database, intending to provide members with the maximum degree of protection in their data.

WealthCounsel follows best practices in managing all user sessions with the member website. This means that once a user has logged in, all interaction with the site is over SSL (secure sockets layer), which is the standard protocol for secure communication over the web.  While stored on the server your content is encrypted. So in the unlikely event that an intruder were able to gain access to our servers, they would still not be able to view your content in plain text.

WealthCounsel believes it is crucial that any web application be assessed for vulnerabilities and any vulnerabilities be remediated prior to production deployment.  For that reason, WealthCounsel is committed to regular review of our software by professional independent information security advisors to routinely evaluate the security of our web application(s).

Backup/Restoration, Disaster Recovery & Replication

WealthCounsel’s site is deployed in data centers managed by a leading third-party dedicated hosting-services provider. This infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. It provides an extremely scalable, highly reliable platform that enables WealthCounsel to deploy our applications and data quickly and securely.  

The following describes how platform data is replicated and backed up. All backups are held in secure data centers and are available only to the platform admin and approved data center personnel.

Database backups

A complete backup of the platform database is made at the end of  each day.  Between these daily backups, the database also stores metadata about every transaction occurring in the database. This metadata can be “replayed” to restore the database to a specific point in time since the last backup.

The data also replicates to other nodes in the cluster as well as replicates every transaction to a disaster recovery database hosted in a separate data center. This replication takes place over a secure VPN tunnel between two separate data centers located in different regions of the country.

Database backups are retained for five days.

Server backups

A complete backup of each server in the main cluster as well as the disaster recovery server is made after the end of each business day by our data center partner as part of our managed services contract with them. This backup includes the platform database as well as all related static files, applications and the OS itself. In addition, an incremental backup of each server is made the end of each day. This incremental backup stores only the changes made since the previous full backup on Friday.

Server backups are retained for 14 days.

Data Access

In the unlikely event your data may need to be accessed to help troubleshoot a technical problem you may be experiencing with our system, WealthCounsel will specifically request your approval before accessing your data, and will access only the data you approve. This will only be done upon your request by a member of our staff with appropriate security clearance who has been subject to employment background checks and drug testing.

Purpose of Security Policy

The purpose of this policy is to define web application security assessments within WealthCounsel. Web application assessments are performed to identify potential or realized weaknesses as a result of inadvertent misconfiguration, weak authentication, insufficient error handling, sensitive information leakage, etc.  Discovery and subsequent mitigation of these issues is designed to greatly limit the possibility of a successful attack of WealthCounsel services available both internally and externally as well as satisfy compliance with any relevant policies in place.

Scope of Policy

This policy covers all web application security assessments requested by any individual, group or department for the purposes of maintaining the security posture, compliance, risk management, and change control of technologies in use at WealthCounsel.

All web application security assessments will be performed by delegated security personnel either employed or contracted by WealthCounsel. All findings are considered confidential and are to be distributed to persons on a “need to know” basis.  Distribution of any findings outside of WealthCounsel  is strictly prohibited unless approved by the Chief Executive Officer.

Software Development Practices

All WealthCounsel web-based application development is subject to security assessments based on the following criteria:

  1. Annual Major Application Releases – will be subject to a full assessment prior to approval of the change control documentation and/or release into the live environment.

  2. Third Party or Acquired Web Application – will be subject to full assessment after which it will be bound to policy requirements.

  3. Point Releases – will be subject to an appropriate assessment level based on the risk of the changes in the application functionality and/or architecture.

  4. Patch Releases – will be subject to an appropriate assessment level based on the risk of the changes to the application functionality and/or architecture.

  5. Emergency Releases – An emergency release will be allowed to forgo security assessments and carry the assumed risk until such time that a proper assessment can be carried out.  Emergency releases will be designated as such by the Director of Enterprise Architecture or an appropriate manager who has been delegated this authority.

All security issues that are discovered during assessments must be mitigated based upon the following risk levels. The Risk Levels are based on the OWASP Risk Rating Methodology (Open Web Application Security Project). Remediation validation testing will be required to validate fix and/or mitigation strategies for any discovered issues of Medium risk level or greater.

  1. High – Any high risk issue must be fixed immediately or other mitigation strategies must be put in place to limit exposure before deployment.  Applications with high risk issues are subject to being taken off-line or denied release into the live environment.

  2. Medium – Medium risk issues should be reviewed to determine what is required to mitigate and scheduled accordingly.  Applications with medium risk issues may be taken off-line or denied release into the live environment based on the number of issues and if multiple issues increase the risk to an unacceptable level.  Issues should be fixed in a patch/point release unless other mitigation strategies will limit exposure.

  3. Low – Issue should be reviewed to determine what is required to correct the issue and scheduled accordingly.

Policy Compliance

Independent  Information Security Consultants and internal staff will verify compliance to this policy through various methods, including but not limited to, formal penetration testing, other internal and external audits, periodic walk-throughs, business tool reports, and member feedback to WealthCounsel.  WealthCounsel’s  Director of Enterprise Architecture is responsible for ensuring WealthCounsel is in compliance with its stated security policy including regularly monitoring Cybersecurity issues, reviewing with management its Cybersecurity risk and making sure sufficient resources are devoted to addressing any risks.

Exceptions

Any exception to the policy must be approved by the Director of Enterprise Architecture in advance.

Non-Compliance

An employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment. Web application assessments are a requirement of the change control process and are required to adhere to this policy unless found to be exempt.   All application releases must pass through the change control process.  Any web applications that do not adhere to this policy may be taken offline until such time that a formal assessment can be performed at the discretion of the Director of Enterprise Architecture.