Broker Frequently Asked Questions Aetna Device Encryption

Broker Frequently Asked Questions

Aetna Device Encryption Requirement

Check out some important questions and answers about Aetna’s broker device encryption requirement. This information also applies to all our joint venture business partners.

What is Aetna’s broker device encryption requirement? For maximum data protection, we require that all broker and joint venture broker devices used to access and/or store Aetna member data have full-disk encryption enabled. This includes laptops, personal computers (PCs), smartphones and tablets.

Why does Aetna require encryption on broker devices? The Aetna Global Security & Resilience team identified the broker space as one area where large volumes of Aetna member data are processed or managed.Ensuring that broker devices are encrypted helps prevent unauthorized access to this data and mitigate the risk exposure.

What devices are required to be encrypted? Any device that you use to access and/or store Aetna member data must be encrypted.This includes laptops, PCs, smartphones and tablets.

What is full disk encryption? Full-disk encryption is a technology that automatically converts everything stored on your computer into a form that cannot be read by anyone who does not have the password to undo the conversion.Encryption software is installed on a device (e.g., PC, laptop, smartphone or tablet) to convert the data to a secure format. The software uses a user-defined password to convert the data back to a readable format when the user logs on to the device. If the device is stolen or improperly accessed, the data would not be legible to the intruder without this password, making it useless to them.

Is encryption software safe to install? Encryption software is safe to install. It will not damage your device or destroy your data.It does not monitor or enable monitoring ofth e data.

How will Aetna know if my device is encrypted? When you go to an Aetna broker website login page, a pop-up message will appear. The message will ask you to confirm whether your device is encrypted.Click the “Yes” button to confirm that your device is encrypted, and you’ll be immediately redirected to the login page. If you choose the ”No/I don’t know” button, you’ll be presented with educational information about encryption and additional resources.Close the pop-up screen to continue to the login page.

Will I be blocked from the Aetna broker website if I do not have encryption in place? No. You will not be prevented from logging in to the Aetna broker websites, regardless of your response.

Proprietary If I need to purchase encryption software to comply with this requirement, will Aetna pay for it? No. You are responsible for selecting and purchasing encryption software for your devices. However, many newer devices already include full-disk encryption capabilities as a feature of the operating system. So, you may not need to purchase anything. Contact your local technical support team for assistance to verify whether your device includes full disk encryption software.

I have approved encryption software already installed. How do I provide proof? We have implemented an encryption confirmation pop-up message on the broker website login pages. The message asks whether you have full disk encryption activated.Simply click “Yes” to confirm that your device is encrypted, and the pop-up message will disappear so you can log in.

Will I be required to respond to the pop-up question every time I visit an Aetna broker website? No. Your response to the pop-up question on an Aetna broker website is stored in a web browser file, called a cookie. The first time you visit a broker website, you will see the pop-up message. Your response to the pop- up question generates the cookie. The cookie can be read by any of the Aetna broker websites that you visit using the same device and web browser.

Each website cookie has a pre-determined expiration date, after which time you will be asked to re-verify your encryption status.Currently, the cookies are set to expire within twelve months if you verify that your device is encrypted.The first time you click the “No/I don’t know”button in response to the pop-up question, the cookie will expire in 90 days.This is to give you an opportunityto verify your encryption status or install encryption. If, after 90 days, you respond “No/I don’t know” again, you’ll be provided with additional educational information and a new cookie will be set to expire in 60 days.

It’s important to note that you’ll see the pop-up question again if: • Your web browser is configured to clear cookies • Your browser cookie gets erased • You log in with a different web browser or device

If the device you are using to log in to a portal does not support cookies at all (e.g., thin client or tablet), you will not see the pop-up screen.

Is there specific encryption software that I must use? No. You can use the encryption software ofyour choosing as long as it meets these minimum requirements: • Full-disk encryption • Advanced Encryption Standard (AES) encryption • Encryption key strength of128 bits or higher

Although Aetna does not endorse any particular encryption product or vendor, the following are examples of encryption software that meet the minimum requirements: • Microsoft BitLocker • Apple FileVault2 • Android Encryption • AlertSec Checkpoint FDE • McAfee Complete Data Protection • Symantec EndPoint Encryption • Sophos SafeGuard

Proprietary You can find a list of encryption providers, along with other useful information about full disk encryption, at www.encryptmylaptop.com.

AlertSec offers discounted first-year pricing to insurance brokers to purchase its Checkpoint FDE encryption software. You can find information about this discount at www.encryptmylaptop.com.

We recommend you work with your local technical support team or device support resources to determine the best encryption product for your device.

Do any devices have default encryption installed? Yes. Many device manufacturers have begun providing encryption software as a standard feature.Microsoft BitLocker is a full-disk encryption feature that’s included with many newer versions of the Windows operating system.FileVault 2 is a comparable Apple feature that’s included in all Mac OS X versions, starting with 10.7.

You should contact your local technical support team or device support resources for questions related to default encryption on your device.

How can I tell if my device is encrypted? To determine whether your device includes encryption or to activate the encryption, follow the instructions provided for the operating systems below. If you have trouble or your operating system is not listed, contact your local technical support team or device support resources for assistance.

• Apple FileVault Encryption: https://support.apple.com/en-us/HT204837 • Microsoft BitLocker for Windows: : https://docs.microsoft.com/en- us/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions

Is there anything I should do prior to activating encryption on my device? Yes. Werecommend you do the following: • Back up your data to your corporate server or an external hard drive. • Verify that your device matches the system requirements listed for your encryption product, including disk space specifications. • Confirm that your device is running a recent version of the operating system and is completely up to date with security patches, as well as software and firmware upgrades. • Consult with an IT support professional for guidance if you are unsure about compatibility.

Which Aetna websites will require encryption verification prior to logging in? This program launched on the Producer World and Aetna Senior Supplemental Insurance websites in September 2018. Other Aetna, Aetna Affiliate and joint venture websites that require brokers to log in may be included in the future.

What will happen when I try to log in to these sites? When you go to an Aetna broker website login page that is configured for encryption verification, a pop-up message will appear. The message will ask you to confirm whether your device is encrypted.Click the

“Yes” button to confirm that your device is encrypted and the pop-up message will disappear so you can log in. If you choose the ”No/I don’t know” button, you’ll be presented with educational information about encryption and additional resources.Close the pop-up screen at any time to continue to the login page. You will be able to log in to the portal regardless of your response.

Proprietary Who can I contact if I have questions or need technical assistance? For assistance with installing or activating encryption software on your device, please contact your local technical support team.

If you have questions about the Aetna broker full-disk encryption requirements or the program, please contact our Global Security & Resilience team for assistance. You can reach them by calling 1-959-230-9361 or sending an email to [email protected].

Aetna is the brand name used for products and services provided by one or more of the Aetna group of subsidiary companies, including Aetna Life Insurance Company and its affiliates (Aetna).

PProprietary