How Squirrel works to protect your money and personal data against cybercrime

When you trust a business with your money and personal information, you want to know they’re taking it seriously. 

Which is why, here at Squirrel, we eat, sleep and breathe cyber-security.

That means making sure we’re doing everything we can at our end to keep your money and data safe – and also supporting you to do the same.

What does that look like? Well… 

Here’s how you can help keep your money and data secure with Squirrel 

1. Starting with online security 101: passwords!

 

Use a password that's hard to guess, and do not re-use passwords across multiple platforms. (And no, chucking a ‘1’ or a ‘!’ at the end to “mix it up” isn’t really fooling anyone.)

If you can hardly remember what you had for dinner last night, let alone hundreds of unique passwords…the good news is there’s a tool for that! Password managers can be used on trusted devices – like your personal phone or laptop – to help keep track of all your passwords.

At Squirrel, we use a password manager called 1Password – but Apple and Google do a great job of this stuff too. Just be sure to keep your device locked when you’re not using it!

And finally – don’t share your passwords with anyone!

2. Turn on multi-factor authentication (MFA) 

Multi-factor authentication is an added line of defence that makes it much harder for people to get into your account, even if they do somehow get their hands on your password!

Squirrel works with Authsignal to provide MFA for our customers.

3. Enable face or fingerprint recognition, or a PIN, on the mobile app

This is another layer of security, which means that even if someone does get hold of your password, they won’t be able to use it to log-in to the mobile app!

It also means you won’t have to enter your password as often – which is a nice little time-saver.

4. Keep your personal contact info up-to-date

This means you’ll get an alert about any suspicious activity with your account – and it also makes it much easier for us to get in touch with you if there is any suspicious activity, so we can get it sorted.

5. Learn the tell-tale signs of a scam email or text

It’s pretty scary how clever scammers are getting these days, but there are a few things that can be a dead giveaway when it comes to spotting a scam in the wild. Things like:

• If they’re asking you for your account login info – including any links that ask you to “click to log in”.
• If someone is offering unsolicited investment advice, especially on social media and emails.
• The sender’s email address looks suspicious – like if it’s from a Gmail account, or if the domain name is spelled wrong. This is often the best indicator that something’s amiss!
• The text is from a standard mobile number (021, 027, etc.), or an overseas number. Most legitimate businesses, Squirrel included, will text you via a “short code” which is an abbreviated 3- to 6-digit phone number.

And here’s how Squirrel does our bit to keep your money and data secure

We’ve put a whole bunch of measures in place as well to help keep your information protected.  

1. Let’s start with our systems

At Squirrel, we use a large range of Microsoft services, including their cloud storage platform.  

Microsoft is damn good at securing technology, and we make the most of everything they have to offer. That includes everything from applications designed to block cyber-attacks, through to the tools we use to manage access for our staff.

2. We encrypt your data from go to whoa.

Any data stored on our system is encrypted the whole way through – both when you’re using the platform, and when you’re not.

At rest, your data is encrypted using 256-bit AES encryption. And we use TLS 1.2 (Transport Layer Security) when we’re transferring your data to, or from, another website or platform.

3. Our platforms and security measures are rigorously tested and audited.

We do a whole lot of regular testing on our systems to make sure they’re up to scratch, and we have a leading independent cyber-security firm constantly testing and auditing our platforms as well to make sure they’re in tip-top shape.

We’re also audited by KPMG.

4. We have 24/7 monitoring in place designed to catch any unusual activity as soon as it starts – meaning we’ll be alerted to problems very quickly.

Our cyber-security firm also monitors our platforms for threats 24/7. Even when we’re asleep here in New Zealand, they have teams around the globe keeping watch for anything out of the ordinary – and ready to swing into action at the first sign of any issues.

5. And our staff are trained to keep themselves and their technology secure.

That includes training on the importance of keeping up with software updates and security patches, never leaving devices unlocked when they’re not in use (and never leaving them unattended in a public place), and how to spot a suspicious email or attachment.

So, in short, keeping your data and money secure is – and always will be – one of our top priorities

Even though most of what we do happens in the background, so you don’t see it in action, there are plenty of layers of defence working away to help protect our customers and their information.

The opinions expressed in this article should not be taken as financial advice, or a recommendation of any financial product. Squirrel shall not be liable or responsible for any information, omissions, or errors present. Any commentary provided are the personal views of the author and are not necessarily representative of the views and opinions of Squirrel. We recommend seeking professional investment and/or mortgage advice before taking any action.

To view our disclosure statements and other legal information, please visit our Legal Agreements page here.