Tested, scanned, analyzed, evaluated and tested again.
Connect continually runs thousands of tests on our software to ensure there are no data breaches. From obsessively scanning our data ports to testing for SQL and other code injections to protecting the website from cross-site scripting, Connect uses several world-class, third-party scanning tools to routinely confirm data security. In addition, we’ve hired our own team of data hackers to continually test our systems.
Key ways that MicroBilt helps to safeguard your personal information online
- 256-Bit Data Encryption — When you access your accounts and perform transactions on MicroBilt Systems, your information is protected by bank-grade 256-bit encryption using the latest TLS 1.3 protocol.
- Additional Authentication — When you perform online transactions, such as changing your password, MicroBilt will sometimes ask you additional security questions to verify your identity.
- 2FA Authentication – In the coming months, MicroBilt will be deploying two form factor authentication across multiple platforms, this will require you to enter a 6 digit numeric code in addition to your username and password.
- Date/Time Stamp — Every time you sign on to a MicroBilt system, we display the date, time, and IP address of your last visit. If you didn't sign on then, you'll know if there has been unauthorized account access.
- Extended Validation (EV) SSL Certificate — The green address bar on MicroBilt sites is a security feature supported by newer browsers that allow you to visually validate that the site you are transacting with — such as credit https://creditcommander.microbilt.com and https://www.microbiltconnect.com — have undergone extensive outside security audits and penetration testing.
- Secure Firewalls — The computer systems that run MicroBilt systems are protected by numerous network and application firewalls to help prevent unauthorized access to our network, and MicroBilt monitors these firewalls to prevent security breaches.
- Session Timeouts — If you’re signed on and not using MicroBilt systems for several minutes, your session will "time out." To resume your activity, you’ll need to re-enter your User ID and Password.
- Site Security — Our sites use Secure Socket Layer (SSL) and Transport Layer Security (TLS 1.2 & TLS 1.3) to offer 2048-bit secure links between your browser and MicroBilt. We also employ HSTS (Strict Transport Security) and CAA (DNS Certification Authority Authorization) to protect our Global Digital certificates that are signed by DigiCert and assures that you’re communicating with MicroBilt and not a copycat site.
- Transactional Security — Not only is all communication between you and MicroBilt encrypted, but it’s also encrypted between MicroBilt and our business partners. This is one more way we’re doing everything we can to protect your information.
- 3rd Party Audits — MicroBilt completes several 3rd party independent audits each year to ensure our network, systems, data, and business processes are secure. In addition, MicroBilt conducts constant external vulnerability testing and semi-annual penetration testing. Together these audits and business processes provide our customers and partners the most secure environment possible.
Best practices to protect your data.
Protect your computer’s security
Keep your computer and browser software current with security updates.
Install and update anti-virus and anti-spyware software and use personal firewalls to protect your computer.
Be alert to the threats posed by malware (malicious software) which can damage or disrupt your system, or secretly record information such as keystrokes.
Do not enable automatic login to your Connect account or pre-fill the Login ID or password fields.
Change your password periodically and avoid using passwords for Connect that you commonly used for other purposes.
For more information on how to protect your personal computer, including links to vendors providing anti-virus and anti-spyware software, you can visit the Federal Trade Commission’s computer security site. Microsoft Corporation provides additional information specific to the Windows operating system at microsoft.com/security. Users of Apple computers can find security information at apple.com/support/security.
Take steps to safeguard your information to help protect yourself from identity theft. MicroBilt takes steps to protect you from identity theft by:
- Utilizing user identification and authentication procedures before permitting access to Connect;
- Creating a secure transmission connection to Connect. You will see the security padlock in your browser’s frame indicating that it’s a secure site;
- Ensuring our employees are trained to safeguard your information.
You can also help protect your identity and account information. Here are a few steps to remember:
- MicroBilt will never request your Login ID or password, or any other information in either a non-secure or unsolicited email communication;
- Check your credit report regularly for unauthorized activity and protect your personal identification numbers (PINs) or personal data.
Using your computer in a safe manner
Do not share your Login ID and password with anyone;
Check to make sure you are interacting with a secure Web site, as above;
Always log off after completing your activities on Connect;
Be careful about using third-party computers or computers that you are not familiar with such as those in Internet cafés and be careful to ensure you have fully logged out.
Do not provide personal or financial information in response to an email request or by clicking on a link, unless you are able to verify the authenticity of the site to which you are taken through the SSL padlock or other means;
Do not enter personal information into a form within an email message or a pop-up;
Do not open an email if you do not recognize the sender and be particularly cautious of any attachments to emails from unrecognized sources.
You can protect yourself against phishing.
Phishing is the illegal attempt to mislead consumers into providing personal or financial information, including account numbers, passwords and Social Security numbers, via email or through fraudulent Web sites.
The most frequent phishing attacks occur through emails disguised to appear as though they came from a reputable financial institution or company.
Most phishing attempts urge you to update or validate your account information, typically through a link in an email directing you to a fake Web site that appears to be legitimate.
A phishing attack can be detected.
While there are many phishing attacks active on the Internet, there are some typical characteristics:
- An email contains an “urgent” tone requesting your immediate action on an account-related matter;
- An email is sent from a user falsely claiming to be a legitimate company with an attachment. An unsolicited email attachment more than likely contains a virus. Do not open it;
- A pop-up window appears from a user falsely claiming to be a legitimate company’s Web site asking for personal information;
Additional information can be found at antiphishing.org or consumer.gov/idtheft