Z6_1P1811C0J8HOF0A4GK0T4B2G22
Z7_1P1811C0J8HOF0A4GK0T4B2GI0

Securing Your Information

Security

Your information is important, and protecting the confidentiality, integrity and availability of that information is our priority.  We value our customers’ trust and have an Information Security Program that implements a multifaceted approach to protecting the confidential data of our customers, partners and associates.

 

Policies and Standards

OneAmerica's written policies and standards create a foundation for our program and align with industry best practices and regulations.  These policies and standards establish guidance for the implementation of additional security controls used to manage our environment.

Risk and Threat Management

We maintain a risk management process that is integrated with Enterprise Risk Management (ERM), and identifies, assesses, prioritizes and addresses the threats and risks to our systems and information. 

Access Controls

We maintain an access control policy and procedures to ensure access to your data is available only to those who need to have it.  Credentials are created in accordance with defined user account and password complexity standards.  Multifactor authentication (MFA) provides an additional layer of access security for our customers.

Systems Security

We search for weaknesses in our systems using internal and external vulnerability assessments to evaluate our systems. Vulnerabilities are prioritized and remediated using a risk-based approach.  Anti-malware is used on both servers and user workstations to detect and prevent the spread of malware and viruses.

Secure Transmissions

Your confidential information is protected while transmitted via public and private networks using encryption.  Examples include email and file transfer encryption, secure email portal for customer use, laptop/desktop encryption and encryption of backup media.

Incident Management

We use industry leading tools and teams to monitor the health and security of our systems.  In the event of an emergency, the leaders of our incident response teams come together to prioritize and manage all issues arising from the emergency event.

Business Continuity

We categorize our information systems and requires business recovery plans. Policies and procedures provide a pre-established framework for control and effective communication of these plans. Critical system recovery plans are exercised annually with results communicated up through senior management.

Training and Awareness

All associates are required to adhere to policies and practices regarding security and privacy rules. Annual training includes privacy, fraud and security measures including social engineering, phishing awareness and an overview of regulations impacting OneAmerica.

 

Z7_1P1811C0J8HOF0A4GK0T4B2GI2
Z7_1P1811C0J8HOF0A4GK0T4B2GI5

Check in, Check up

Actively engage with your policies, plans and strategies.

Log in to manage your accounts

Report an Issue

Alert us if you have a security concern or suspect your information may be compromised due to a data breach or fraud.

Contact us for assistance

OneAmerica's Values

We're committed to being there when you need us most.

Find out how we do business

Notify Us

Notify us of suspicious activity or suspected fraud or identity theft.

Email us for assistance