What are your cyber security / data security policies?

FAQ > Accounts

RPM is high value target for cybercriminals. We maintain the mindset that every piece of information we have is of high value and we take security seriously. Almost all cyber-attacks are to obtain personal data to use in credit card or identify theft.

Here are a few of the practices we use for cyber security:

1. We use a firewall

One of the first lines of defense in a cyber-attack is our firewall. Our firewall provides a barrier between our data and cybercriminals. In addition to the standard external firewall, our company has installed internal firewalls to provide additional protection. Employees working out of the office must also work behind a firewall.

2. We have strict controls over the emailing of sensitive data

We are restrictive on which types of files can be emailed. We receive, but do not send outbound emails with applications, credit reports, or income documentation attachments as they may contain sensitive information. If other type files are emailed, they must be sent with a password protected link.

3. We require security for mobile devices

We have a focus on security precautions for mobile devices including a requirement that all services have two factor authentication and no data to be stored on the device.

4. We Educate all employees

Since the policies are evolving as cybercriminals become savvier, it’s essential to have regular updates on new protocols. To hold employees accountable, we have each employee sign a document stating that they have been informed of the policies and understand that actions may be taken if they do not follow company policies.

5, Enforce safe password practices

All company devices are password protected.

6. Regularly back up all data

We have multiple layers of data backup on and off site.

7. Install anti-malware software

We have anti-malware software installed on all devices and the network.

8. Use multifactor identification

Using multi-factor identification settings on most tools and email is simple to do and provides an extra layer of protection. We use employees’ cell numbers as a second form, since it is unlikely a thief will have both the password and the mobile device. Additionally, they would have to have the login and password for the site they are attempting to access as well as the password for the mobile device.


Security is a moving target. The cyber criminals get more advanced every day. In order to protect our data as much as possible, it’s essential that each and every employee make cyber security a top priority.