Cybersecurity & Data Protection

Encryption Standards

TLS/SSL Encryption:

All data transmitted between your browser and our servers is encrypted using industry-standard TLS 1.2 or higher encryption protocols.

Data at Rest Encryption:

Personal information stored in our databases is encrypted using AES-256 encryption standards to prevent unauthorized access.

Secure Payment Processing:

We do not store credit card information on our servers. All payment transactions are processed through PCI-DSS compliant third-party payment processors.

Secure Data Transmission

Every time you submit information — a quote request, account details, or a message — it travels through encrypted channels. We use multiple layers of protection to make sure:

Your information cannot be intercepted during transmission
Data integrity is maintained throughout the transfer process
Only authorized systems can receive and process your information
Communications with insurance carriers are conducted through secure, encrypted channels

Restricted Internal Access

Only authorized staff can access your data — and only the data they need to do their job. Here's how we enforce that:

Role-Based Access

Employees only have access to the specific data necessary for their responsibilities

Multi-Factor Authentication

All staff accounts require multi-factor authentication for system access

Activity Logging

All access to customer data is logged and regularly audited

Security Training

Regular cybersecurity and privacy training for all employees

Third-Party Vendor Compliance

We vet every third-party vendor that touches customer data. Our vendor program requires:

Security Assessments: All vendors undergo security reviews before engagement
Contractual Obligations: Vendors must sign agreements requiring compliance with our security standards
Regular Audits: Ongoing monitoring and periodic security audits of vendor practices
Data Minimization: Vendors only receive the minimum data necessary to provide their services
Compliance Requirements: All vendors must comply with applicable privacy laws and insurance regulations

Incident Response Plan

Even with strong security in place, incidents can happen. We have a clear plan to respond fast:

Immediate Detection & Containment:

24/7 monitoring systems to detect and contain security incidents

Investigation & Assessment:

Rapid investigation to determine scope and impact of any breach

Customer Notification:

Prompt notification to affected customers as required by law

Regulatory Reporting:

Notification to appropriate regulatory authorities and insurance carriers

Remediation & Prevention:

Implementation of corrective measures to prevent future incidents

If you suspect a security issue or unauthorized access to your account, please contact us immediately at:

security@insuredirectonline.com (704) 810-2079

Additional Security Measures

Secure Infrastructure

Our systems are hosted in SOC 2 certified data centers with physical security controls and redundant systems

Vulnerability Management

Regular security testing, vulnerability scanning, and penetration testing to identify and address potential weaknesses

Regular Updates

Continuous monitoring and updating of security systems to address emerging threats

Data Backup & Recovery

Regular encrypted backups and tested disaster recovery procedures to ensure business continuity

Your Security Responsibilities

While we implement comprehensive security measures, protecting your information is a shared responsibility. You can help keep your account secure by:

Using a strong, unique password for your account
Never sharing your login credentials with others
Logging out after using shared or public computers
Being cautious of phishing emails claiming to be from InsureDirect LLC
Keeping your contact information up to date so we can reach you if needed
Reporting any suspicious activity on your account immediately