Banyan Theory  //  www.lightrailsites.com 888-258-0805

Security at Banyan Theory

How We Protect Websites and Private Information

Security Is Important To Us

Banyan Theory takes the privacy and security of your data very seriously. We take several steps to keep our websites and forms safe from hackers and viruses to prevent them from accessing and exposing your agency's private information.

LightRail, the software platform we created that runs all of the websites we build and manage, employs end-to-end security for all the private information it captures and stores. This means that from the time someone types something into your website until the time you view it, it cannot be intercepted by a third party. In other words, the information is protected during transmission, storage, and retrieval.

SSL

Any form that accepts potentially sensitive or personally identifiable information is protected with SSL/TLS (Secure Sockets Layer / Transport Layer Security), which encrypts the information in the web browser before it is transmitted to our servers. Similarly, when you retrieve the submitted information, your connection is encrypted.

Do Your Web Forms Use SSL?

Find out now using our easy form checker. Just paste the URL of a page on your website that has a form on it, and this tool will tell you.

   

Email

Unfortunately, most people do not realize email is not a secure means of communication. In fact, it is quite insecure; emails are relatively easy for hackers to intercept. (A hacker can intercept an email while in transit, which means he doesn't need to break into an email account, so having a strong email password won't protect you from this.)

As such, LightRail does not email any sensitive information. This means that when someone submits a form to your website, LightRail sends you a notification email, but the only thing in the email is a link to the LightRail Toolkit, a secure web application where you can retrieve the details of the form submission.

Policies

We employ several policies that help us keep our computers, servers, and customers safe from online threats. Though this is not an exaustive list, here are a few of our security policies:

  • We never email passwords to anyone, including to ourselves.
  • We never log in to our servers from public or otherwise untrusted computers.
  • We only store passwords in an encrypted format (using 1Password).
  • We train our staff on security practices and on the importance of security.
  • We use Linux on our servers and Mac OS X on our workstations and laptops.

Payments

We use Stripe for all of our credit card processing. Because of the way Stripe works, we never see your full credit card information. It is sent directly to Stripe, completely bypassing our servers in the process, so there is no way for us to access or inadvertently expose your payment information.


Security Tips to Protect Your Insurance Agency

We know that you are plenty busy running your business and servicing your clients, and perhaps security isn't always at the front of your mind. Here are a few simple tips that will help keep your online accounts and customer information safe.

  • Never email sensitive information, such as passwords, Social Security Numbers, or other personal information about yourself or your customers. Unencrypted email attachments are just as vulnerable, so never email a quote or application PDF with an SSN inside.

  • Never share your passwords with someone you don't trust. If you do share your passwords (like insurance carrier logins), be sure everyone who has the password understands how to protect it.

  • Never share the answers to your security questions with others. You can change a password, but you can't change your mother's maiden name.

  • Do not use the same password for multiple websites. If someone figures out your password (or intercepts it if you email it to yourself), they'll have access to all of your online accounts that use the same password.

  • Do not store passwords in an unencrypted file on your computer. If a virus infects your PC and the Word doc containing your passwords is leaked, then hackers will have all the information they need to log in to any of your online accounts that were stored in that file.


Stay Up to Date

Subscribe to our blog (via RSS or email) and watch for our security-related articles.

Here are a few of our recent articles on security: