Keeping Your Data Secure

At Plancorp, we look out for you. That's why we take important measures to protect your security. Here are a few quick facts about how we put your security first.

key icon

Strict Access Controls

We do not have access to your account credentials. We don’t store credentials for your linked financial accounts, either.


Data Encryption

Your data is encrypted at rest and in transit. Our portal requires the latest TLS (a type of digital protocol that keeps data safe) for authentication and encryption.


Partnering With The Best

We leverage industry leading cloud platforms to keep your data and account information secure.

How We Protect You

  • Content Filtering Solution
  • 24/7 Endpoint Protection
  • Darkweb Monitoring
  • Website Protection
  • Security Awareness Training
  • Microsoft365 Security
  • Backup and Data Protection
  • Advanced Threat Hunting
  • Remote Monitoring & Management
  • Email Security
  • Applications Management
  • Vendor Due Diligence
  • Multi-Factor Authentication
Content Filtering Solution

Content Filtering Solution

We utilize a content filter solution that stops malicious actors by preventing access to domains that host malware, botnets, and phishing campaigns.

  • Protection against visiting malicious websites
  • Agent based protection provided no matter the location of the computer 
  • Stops employees from visiting certain categories of websites 
  • Provides ability to see and report on DNS history 
24/7 Endpoint Protection

24/7 Endpoint Protection

Our endpoint protection platform has 24/7 monitoring to detect anomalous actions in real time, including fileless attacks, exploits, bad macros, evil scripts, cryptominers, ransomware and other attacks.

  • 24/7 threat management and response to all alerts 
  • Advanced EDR solution to handle sophisticated threats 
  • More robust protection vs. traditional antivirus protection 
  • Ability to roll back infections on workstations to a clean state 
Darkweb Monitoring

Darkweb Monitoring

We monitor the darkweb for stolen or leaked information. The most common discoveries on the darkweb are credentials for things like web accounts, email, and corporate networks.  

  • Monitors for possible user credentials due to data breaches, hacking, or malicious intent 
  • Warns of duplicate passwords and helps prevents password reuse from causing compromise to other accounts 
  • Automatically protects all email addresses on our domain
  • Ability to add executive personal email addresses for monitoring  
Website Protection

Website Protection

Our website protection platform provides a way to back up our website and all of its data. It also monitors if our website is down and unavailable to the public. Lastly, it monitors our website for malware infections. If ever our site is compromised, the backup provides a simple one-step restore process. 

  • Ensures our ability to restore our website if compromised 
  • Monitors for outages and possible blacklisting 
  • Keeps our website from being blocked in search engine results 
Security Awareness Training

Security Awareness Training

Every team member completes extensive training modules that simulate phishing attacks to help users identify and avoid potential threats. Each user receives scores to help ensure additional training is available when needed. 

  • Provides training upon onboarding and throughout the year
  • Provides ongoing phishing simulations to identify possible risks and initiate remedial training
Microsoft365 Security

Microsoft365 Security

We monitor Microsoft365 for security events. We can report on numerous changes and alert administrations of suspicious activity.  

  • Monitors all accounts for logins outside of the US
  • Monitors for forwarding rules outside of the organization
  • Monitors for mailbox permission changes
  • Monitors for creation of new administration accounts
  • Monitors for access from new device or IP address
Backup and Data Protection

Backup and Data Protection

All of our data in Microsoft365 is backed up three times daily. We are also provided flexible restore options to recover data quickly if necessary.

  • Provides the ability to easily and quickly restore items
  • Provides protection against ransomware
  • Provides ability to restore single items that were accidentally deleted.
Advanced Threat Hunting

Advanced Threat Hunting

We utilize a system to detect threats that have made it past traditional defenses. This system is designed to discover hacker footholds that are on your network. 

  • Provides automated remediation of advances threat if possible, or provides step-by-step actions to take
  • Ability to see possible vulnerable ports that could compromise our devices
Remote Monitoring & Management

Remote Monitoring & Management

Our RMM plugin allows us the ability to manage computer in a workgroup environment. Its policies provide essential protection, locking down vulnerable protocols, limiting end user access to dangerous function, preventing data theft and phishing, and watching for ransomware attacks.

Email Security

Email Security

Our email security system provides spam filtering, malware protection, and phishing protection. It also provides email encryption to allow our team to communicate with clients securely. 

  • More robust spam filter and phishing protection than the built-in option through Microsoft 365
  • Provides a higher level or protection by looking for advanced threats
  • Opens attachments in a sandbox environment to look for malicious actions
  • Provides email encryption to easily and safely send confidential information
Applications Management

Applications Management

All computer applications on our teams' devices have been through an approval process and are always kept up to date to ensure the highest level of security and protection. We are also able to remove unapproved applications should the need arise.

Vendor Due Diligence

Vendor Due Diligence

Vendor due diligence at Plancorp involves a comprehensive process to assess and mitigate risks associated with third-party vendors.

We conduct thorough assessments to evaluate vendor reliability and ethical standards.  Including financial stability, business practices, compliance with relevant laws and regulations, and cybersecurity measures.

We regularly update and refine these processes to adapt to changing regulations and industry best practices.

Multi-Factor Authentication

Multi-Factor Authentication

We utilize two-factor or multi-factor authentication (2FA/MFA) for cloud-based applications to further enhance security.

It adds an extra layer of protection beyond just a password, requiring users to provide two or more verification factors to gain access to cloud resources.

Frequently Asked Questions

Is my information safe with Plancorp?

Yes, your information is secure with us. We employ robust cybersecurity measures, including regular security audits, advanced encryption, and secure data storage practices to protect your data.

Who has access to my personal information?

Access to your personal information is strictly limited to authorized personnel who require it to provide you with our services. We enforce strict access controls and regularly monitor access logs to prevent unauthorized access.

Do you share my information with third parties?

We do not share your personal information with third parties unless it is necessary to provide you with our services, comply with the law, or with your explicit consent.

How do you ensure data privacy compliance?

We stay up-to-date with data privacy laws and regulations to ensure compliance. Our policies and procedures are regularly reviewed and updated to reflect the latest legal requirements and best practices.

What happens to my information if I decide to end my relationship with Plancorp?

If you choose to end your relationship with us, your personal information will be handled in accordance with our data retention policy, which complies with legal obligations and industry standards.

How can I be sure my financial data is not compromised?

We implement multi-layered security measures, including 2FA/MFA, to safeguard your financial data. Our security systems are designed to detect and prevent unauthorized access or data breaches.

What measures are in place to protect my information from cyber threats?

We use state-of-the-art cybersecurity solutions to protect against threats. Our defense systems are continuously updated to guard against the latest cyber threats.

What training do your employees receive regarding data security?

Our employees undergo regular training on data security and privacy best practices, including how to identify and respond to potential cyber threats.

How are you prepared for a data breach or security incident?

We have a comprehensive incident response plan in place to quickly and effectively address any data breaches or security incidents. This plan is regularly tested and updated to ensure preparedness.