Mercer Advisors Security Measures
Protecting Your Online Visits
Username and password requirements
To help prevent unauthorized access, we prompt you to create a unique username and password when you first access your account. The strongest passwords are long and employ a mix of numbers, upper- and lower-case letters, and special characters. We also recommend that clients utilize a password management system, so you do not need to remember several complex passwords.
Secure website
Mercer Advisors provides an encrypted website connection. When you send sensitive information over an HTTPS connection, no one can eavesdrop on it in transit.
Secure email
You can send our advisors encrypted messages thanks to our secure e-mail servers with TLS 1.2 transport encryption. We will never ask for confidential data like your account numbers, username and passwords through email.
Protecting Your Phone and Video Interactions
Encrypted communications
Mercer Advisors utilizes a secure telephone system to ensure that your calls cannot be intercepted or eavesdropped upon. To prevent interception of your communications, the system provides encryption between all endpoints.
Safeguards Inside Mercer Advisors
Compliance and cybersecurity policies
Mercer Advisors has created and implemented comprehensive compliance and cybersecurity policies and procedures based on the National Institute of Standards and Technology (NIST) frameworks.
Extra login security
Mercer Advisors utilizes 2-factor authentication tokens at login, a technology that helps prevent someone from gaining illegal access to employee accounts, even if the username and password have been compromised. We also utilize a single sign-on authentication that reduces the number of sign-in prompts for employees and can measure the user, location, and device risk to determine whether access should be allowed, verified, limited, or blocked.
Wire transfer verification
If you request a wire transfer by email, we will verify your identity by calling you to confirm before initiating the transfer.
Systems surveillance
We utilize a 24/7 Security Operations Center to monitor our network and infrastructure every day, all day.
Encryption on all endpoint devices
Mercer Advisors utilizes a Unified Endpoint Management system to encrypt all endpoint devices (laptops, phones, etc.) that allows us to monitor for malware threats or jailbroken devices and automatically remediate with a remote lock, device wipe or customizable device quarantine controls.
Anti-Virus software
Mercer Advisors utilizes sophisticated anti-virus software to prevent attacks before they can damage our devices.
Firewalls
Firewalls are protective barriers that defend us from hackers and cyber-attacks trying to gain access into our networks and computer systems.
Physical security at our offices
Our security measures extend to our locations as well. We vigilantly monitor all work areas to prevent theft or scrutiny of documents containing sensitive information. In addition, authorized personnel can only enter work areas through the use of a security badge, key, or mobile device.
Restricted access to data
We limit access to systems containing client information to only those employees who need it to conduct business. We continually monitor access and only grant it to new people on a case-by-case basis.
Secure customer relationship management (CRM) system
Mercer Advisors utilizes a best-in-class CRM to keep your biographical and financial information secure. Your data is encrypted, so even if there is a breach, the data would be inaccessible.
Secure enterprise-grade file sharing and storage platform
We also utilize an enterprise grade file-sharing system to securely store documents. We use this system to allow for secure file sharing between the client and Mercer Advisors.
Employee education
We make sure that our employees know and adhere to our security policies. We require periodic training on our security policies for all employees, no matter their department. Employees who work directly with clients receive extra training on emerging risks, such as identity theft.
