An interview with EGPS technology lead expert, Rich McKay
Does EGPS conduct periodic risk assessments to identify cybersecurity threats and vulnerabilities?
Yes, EGPS does complete cybersecurity risk assessments during the year. As EGPS’ third party virtual CIO, City Source Solutions also includes full IT service review. We complete sweeps of the system periodically, as well as continued vulnerability assessments.
What are the processes and systems EGPS has in place for dealing with cybersecurity threats and protection of personally identifiable information?
We ensure EGPS has strong fire walls, email filters in place, as well as access to training and polices. The email filters ensure personally identifiable information (PII) is not sent unsecured outside of EGPS. All of our systems are protected by multi factor authentication (MFA). We also have policy and procedures in place to protect data and transmission of data. Additionally, dual authentication ensures outside parties do not have access to data.
Does EGPS have a Chief Information Security Officer or equivalent position?
Through City Source, I am the direct point of contact as EGPS’s virtual CIO. I have been working with EGPS and with our Cybersecurity team for over 4 years.
Does EGPS have a privacy and security policy, and does the policy apply to personally identifiable information of retirement plan clients?
Yes and yes. EGPS employees utilize our PensionPro secure website to send information. We also use Sharefile as an additional resource to protect data.
Are all personnel who come into contact with personally identifiable information trained on adequate protection of the information?
All new employees are provided with a review of the secure information policies including the secure website to transmit data. There is a robust initiative to ensure all EGPS employees complete additional training and updates over the next quarter.
Does EGPS carry cybersecurity insurance?
Has EGPS experienced any security breaches?
Want to know more about the cybersecurity measures we employ to keep data safe?
Fill out the form below and we’ll send you our cybersecurity policy.