Security is architected into the Seraf platform. Any information that you provide to Seraf is designed to be as secure as current computer and web technology will allow. Seraf enforces a SSL/TLS encrypted session every time you log on. SSL certificates protect data in transit between users and the websites they are connected to. The lock box before the Seraf URL at the top of your screen is your visual confirmation that a session is secure, and can be clicked on for more information. Read about our Privacy Policy and Terms of Use for additional information.
For those interested in further security details, read below to better understand how seriously Seraf takes security.
We require HTTPS for all connections to the website, and use an HSTS header so that even the initial visit is encrypted.
Phishing attacks are a problem for everyone. However, our staff members are knowledgeable, and their activities on the website are logged. We keep daily backups, and can roll back the site in the event we are compromised.
Even the most secure websites are vulnerable to attack. Weak credentials of users is a possible issue, so it’s important for users to choose a strong password. We require 8 characters minimum and 2 character types. We also recommend that our clients try to minimize the amount of personal data they load into Seraf. For example, any documents that contain detailed personal information such as social security numbers shouldn’t be uploaded.
In fact, we have a few clients who wish to remain anonymous and have chosen to provide a non-traceable account name and use an email address that is specific to Seraf. This limits a hacker’s ability to track down the individual investor.
Security is a process. No website is ever 100% secure, and we regularly review our own practices to try to improve where we can.
Please note that the Seraf Help Center is supported by a different platform, and as such, will not have the lock box before the URL.
Comments