MoneyWizard™ is a web-based state of the art Agent/Client diagnostic application designed for financial advisors and their firms to analyze their clients’ needs through a survey and send the results to the Agent as review points. The agent uses those review points as guidelines to address the clients’ goals and objectives. The MoneyWizard™ tool is designed, developed, operated, supported, and owned by LinkMaster LLC, based in Livonia, MI.
The MoneyWizard™ application is hosted by Amazon Web Services, a leading provider of infrastructure and hosting services. From the physical layer to the application layer, we apply security controls across the board and isolate data and applications for each customer. Additionally, we use best practices and other security techniques to ensure the safety and security of our customers’ data.
Security Assessments and Compliance
In order to prevent common web software attacks, MoneyWizard™ follows best practices of application development. We constantly update our application framework for newly discovered security vulnerabilities using modern technologies. For our team to maintain this high level of security in our codebase, continuous vulnerability scanning is part of our development process.
As part of MoneyWizard™’s physical infrastructure, we are secured within Amazon’s secure data centers and utilize Amazon Web Service (AWS). As part of its risk management process, Amazon conducts recurring assessments to ensure compliance with industry standards. The following accreditations have been granted to Amazon’s data centers:
- ISO 27001
- SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
- PCI Level 1
- FISMA Moderate
- Sarbanes-Oxley (SOX)
All application traffic is encrypted with 256-bit SSL (https). In addition, all data is stored in an encrypted format at rest.
DATA RELIABILITY & BACKUP
MoneyWizard™ regularly backs up all user data and stores it in multiple physical locations to prevent data loss. Should a system-wide emergency arise, we have the ability to restore our entire database utilizing Amazon DynamoDB point-in-time recovery (PITR).
PAYMENT DATA -PCI COMPLIANCE
For encrypting and processing credit card payments, MoneyWizard™ uses Stripe, a PCI compliant payment processor. PCI Service Provider Level 1 certification was achieved by Stripe through an audit by a PCI-certified auditor. There is no higher level of certification available. MoneyWizard™ does not store credit card numbers.
MoneyWizard™ uses Amazon data centers with ISO 27001 and FISMA certifications. Amazon has designed, constructed, and operated large-scale data centers for many years. The AWS platform and infrastructure have taken advantage of this experience. Amazon Web Services data centers are housed in nondescript facilities with extensive setbacks and military grade perimeter control berms to protect them from intrusion. Using video surveillance, intrusion detection systems, and other electronic methods, professional security personnel strictly control physical access at the perimeter and at building ingress points. To access data center floors, authorized staff must pass two-factor authentication three times. In addition to presenting identification, visitors and contractors are continually escorted by authorized personnel.
Data center access and information are only provided to Amazon employees who have a legitimate business need for such access. Regardless of whether an employee remains an Amazon or Amazon Web Services employee, their access is immediately revoked when they no longer need these privileges. Logging and auditing are routinely conducted for all physical and electronic access to data centers by Amazon employees.
FIRE DETECTION AND SUPPRESSION
Amazon facilities have been equipped with automatic fire detection and suppression equipment to reduce risks.
All data center environments, mechanical and electrical infrastructure spaces, chiller rooms and generator equipment rooms are equipped with smoke detection sensors. Wet-pipe, double-interlocked pre-action, or gaseous sprinkler systems protect these areas.
Power systems at Amazon’s data centers are fully redundant and maintainable without affecting operations, 24 hours a day, 7 days a week. Uninterruptible Power Supplies (UPS) provide backup power to critical and essential loads in a facility during an electrical failure. During power outages, generators are used to provide backup power to the entire facility.
CLIMATE AND TEMPERATURE CONTROL
Servers and other hardware need climate control in order to maintain a constant operating temperature, preventing overheating and reducing service interruptions. Atmospheric conditions are maintained at optimal levels in data centers. Temperature and humidity levels are monitored and maintained by data center personnel.
Amazon’s data center staff monitors electrical, mechanical, and life support systems so issues can be identified immediately. To ensure that equipment continues to function, preventative maintenance is performed.
For additional information see: https://aws.amazon.com/security.
You can report security vulnerabilities to firstname.lastname@example.org.
If you have any specific questions regarding our security policies you can always email us email@example.com.