Security Policy

At Oltre Financial Inc, we take the security of our users' passwords and credentials seriously. We have implemented the following measures to ensure the safety and integrity of your information:

Product Security

Password Complexity Standard:

We enforce a password complexity standard to ensure that your passwords are strong and resistant to brute-force attacks. When creating an account or updating your password, we require a combination of uppercase and lowercase letters, numbers, and special characters.

Secure Hash Algorithms:

All credentials, including passwords, are securely stored using industry-standard hash algorithms. Hash algorithms convert your passwords into a unique string of characters that cannot be reversed or decrypted, providing an additional layer of protection against unauthorized access.

Google Account Integration:

In addition to creating accounts directly with us, we also offer the option to sign up and log in using your Google account. This integration leverages Google's secure authentication infrastructure, ensuring a seamless and secure login experience for our users.

Uptime - Oltre Financial Inc has an uptime of 99.9% or higher.

Network and Application Security

At Oltre Financial Inc , we prioritize the security of our network and applications to safeguard your data. We have implemented various measures to ensure the confidentiality, integrity, and availability of your information:

Data Hosting and Storage:

Oltre Financial Inc's services and data are securely hosted within Amazon Web Services (AWS) facilities located in the USA. AWS provides robust infrastructure and advanced security controls to protect our systems and your data.

Encryption:

All data transmitted to and from Oltre Financial Inc is encrypted during transit using 256-bit encryption. Our API and application endpoints exclusively utilize TLS/SSL protocols, and they have received an "A" rating on Qualys SSL Labs' tests, ensuring the highest level of encryption strength.

Failover and Disaster Recovery (DR):

Oltre Financial Inc's infrastructure and data are distributed across two AWS availability zones, designed with built-in failover and disaster recovery capabilities. This architecture ensures that even in the event of a localized failure, our systems remain operational, and your data remains accessible.

Backups and Monitoring:

We employ Amazon RDS's daily backup solution for databases that contain customer data. This practice guarantees that your information is regularly backed up to prevent data loss. Additionally, we have robust monitoring mechanisms in place to promptly detect and respond to any potential security incidents.

Permissions and Authentication:

Oltre Financial Inc prioritizes strong access controls and authentication mechanisms. Our website is served 100% over HTTPS to ensure secure communication. Access to customer data is strictly limited to authorized employees who require it for their job responsibilities. We adhere to a zero-trust corporate network model and enforce two-factor authentication (2FA) and strong password policies on platforms such as GitHub, Google, AWS, and Oltre Financial Inc's own services to fortify access to cloud resources.

Incident Response:

Oltre Financial Inc maintains a comprehensive security event protocol that includes escalation procedures, rapid mitigation measures, and post-incident evaluations. Our dedicated team is well-prepared to handle any security events that may arise. We prioritize the continual education of all employees regarding our security policies and best practices.

Additional Security Features

In addition to the previously mentioned security measures, Oltre Financial Inc has implemented the following additional security features to ensure the protection of your data:

Confidentiality:

To maintain the confidentiality of sensitive information, all Oltre Financial Inc employment contracts include a confidentiality agreement. This agreement is signed and returned by employees before they start their employment, emphasizing the importance of data protection.

Training:

We prioritize the ongoing education and awareness of our employees regarding security practices. All Oltre Financial Inc employees undergo annual Security and Awareness training, ensuring they are well-informed about potential risks and equipped to make secure decisions.

Policies:

Oltre Financial Inc has developed a comprehensive set of security policies that cover a wide range of topics. These policies are regularly updated to align with evolving security best practices. They are shared with all employees, ensuring a common understanding of our security expectations and guidelines.

PCI Obligations:

As a payment processing platform, Oltre Financial Inc partners with Stripe to administer all credit card payments. Stripe is a trusted and secure payment gateway that maintains a robust security setup and PCI compliance. For more details about their security measures, you can visit Stripe's Security Page.

Make your Optiml™ retirement plan

Try it Free