At RLI, protecting your data is our first priority. We have a number of frameworks and controls to ensure that data risk is effectively mitigated:
- We align our processes and technology to both the ISO 27002:2013 and NIST Cybersecurity frameworks. This provides systematic identification, protection, detection, and response and recovery techniques.
- We are Payment Card Industry (PCI) compliant.
- Our websites are SSL (TLS) encrypted, providing the top tier of website security.
- We perform regular scanning of both our external websites and internal applications.
- All employees are subject to annual security awareness training.
- Our Information Technology controls are governed by Sarbanes-Oxley (Sox), and we undergo annual IT Sox compliance audits.
- All our internal laptops and desktops utilize full-disk encryption.
We have a dedicated RLI Security Team that is diligent in protecting your information, and providing a quick and effective response to any new cybersecurity threats.