Our Online Security PracticesAt Union Bank®, we believe in investing in your security. We consider your information to be a critical and valued asset, entrusted to our bank: The confidentiality and integrity of your information and financial assets are of primary concern. We are committed to safeguarding the information entrusted to us. We maintain enterprise-wide information security programs in compliance with applicable laws and regulations, including Gramm-Leach-Billey Act (GLBA). Our teams work hard to ensure that all financial transactions, data transmissions, and communications are conducted in a secure online environment.
To safeguard your financial and personal information in an environment of continually evolving threats, we have created a multilayered security program. Here are some of the steps we take to protect your information:
- We maintain a task force composed of security, information technology, and business professionals. This team focuses on assessing risk, testing the security controls of our services, and executing remediation plans to maintain our secure computing environment.
- We also engage in ongoing application and network threat modeling and penetration testing. This means that before we offer our customers new services and features, we test our services and software to ensure they meet our standards for confidentiality and integrity. We also reevaluate our controls to ensure that our services and software withstand newly discovered vulnerabilities and attack vectors or techniques.
- We have a formal Incident Response Program that outlines the process in the events of a breach of electronic or physical security or loss/exposure of sensitive data. The Incident Response Program is structured to provide timely and efficient assessment and response to all reported incidents, in compliance with state and federal laws and regulations.
- We evaluate our online security practices. Our internal examiners perform audits and evaluations of our internal control environment.
- Our program also includes investment in both the skills of our people and advanced security systems. Our employees, along with the tools that enable them to do their jobs, are our strongest assets in the fight against hackers and fraudsters. We engage with our employees through our security awareness program. We train and certify our employees to ensure they understand policy, regulations, and security. We periodically evaluate the preparedness of our employees through simulations of cyber threats.
- We communicate with our customers and commercial clients about cybersecurity and IT updates and requirements.
- We require that relevant third-party service providers adhere to specific security policies and standards, as well as regulatory obligations.
- We also maintain strong relationships with law enforcement and leaders in the security industry.