Data Security at Ethos

Protecting your family includes protecting your data

Ethos cares about families and we consider safeguarding the security and privacy of customer data an integral part of our mission. We value the trust you place in us, and take the following steps designed to protect your data:

Our efforts to protect you

Safeguarding your data starts before you share it with us. Ethos has built a robust data security program designed to prevent, detect, and respond to security threats. Here are some of its elements:

Encryption

Ethos leverages encryption technologies designed to protect your data. We leverage TLS V1.2 over our websites, an encryption protocol intended to keep data secure when being transferred over a network. Ethos’ website has been rated A by Qualys’ SSL Labs, a leading assessor of website encryption capabilities.

Multi-factor authentication

Multi-factor authentication (MFA) provides an additional layer of data security beyond your username and password. Ethos has implemented and requires MFA for accessing systems storing customer data.

Oversight

Ethos engages 3rd parties to evaluate and audit its data security program. These audits assess the effectiveness of cybersecurity controls across the organization.

Steps you can take to protect your data

You can help protect your data by knowing some telltale signs of fraudulent attempts to obtain your data. Here’s how to spot two common methods of fraud:

Fraudulent emails (phishing/spoofing)

Phishing and spoof emails aim to obtain your data, such as your account credentials (username, password, and/or other account details). These emails use deception, such as impersonating/forging the email address of the senders. Oftentimes, there will be a request of some sort, such as clicking on a link or replying with some data.

Suspicious websites

It is relatively common for fraudsters to try to impersonate legitimate websites. Ethos sites use SSL (i.e., the website URL will include an 's' such as https://ethos.com rather than http://ethos.com). The security icon (padlock) that should appear in your browser indicates the authenticity of an Ethos site.

What should I do if I think I’ve encountered a fraudulent email or suspicious site?

If you come across sites impersonating ethos.com or receive a suspicious email originating or pretending to originate from Ethos, please forward it to spoof.alert@getethos.com. We will review the message to determine if it’s malicious and take actions, as needed. Taking the time to report such matters will not only help to protect you, but the overall Ethos community.

Want to learn more?

Whether you’re concerned about online and mobile security, our policies and practices, fraud, identity theft, or ways you can protect yourself, we’re happy to answer your questions. Please reach out to us at security.talk@getethos.com.

To report potential security vulnerabilities to the Ethos Information Security team, please see our Public Vulnerability Disclosure Policy.