Security policies

Security and confidentiality are two extremely important considerations at National Bank Direct Brokerage ("NBDB"), particularly for our transactional and mobile sites. This will become more obvious to you as you take the time to read this section carefully. It deals with all matters directly or indirectly related to security!

A SERIOUS COMMITMENT BY THE NATIONAL BANK!

NBDB has always paid special attention to protecting the personal information you entrust to it. To make sure that your rights are fully respected in this regard, we have developed, in cooperation with other financial institutions and the Canadian Bankers Association, a code of procedure for protecting the personal information of individuals. In accordance with this code, which all our employees undertake to follow, your personal information is placed in your own personal file solely to enable us to properly manage the products and services you are using, to inform you about other products and services which might be of interest to you and to better meet your expectations. Only employees who need to access your personal file in their normal functions are cleared to consult it. To find out more about the National Bank's privacy protection code, click on our Privacy Policies.

The ongoing involvement of the Information Security group of the National Bank is further evidence that NBDB places great importance on the confidentiality and integrity of your brokerage affairs. This group's mission is to:

  • identify and manage information security risks, while taking into account their impact on Bank business;
  • define information security policies, strategies and standards;
  • assist and advise owners of information in evaluating risks and required levels of protection, and in choosing appropriate security measures;
  • make all employees aware of information security and the importance of their involvement.

COMPLETED TRANSACTION-CONFIDENTIALITY ASSURED!

Rest assured that all precautions have been taken to maintain the confidentiality of the information you transmit when doing your brokerage activities via our transactional site.

First, NBDB subscribes to the strictest security standards, as demonstrated by its choice of the 128-bit encryption system. With this system, it is practically impossible to decode the data you exchange with us, and the confidentiality of your transactions is thus ensured.

For your part, you can take certain measures to increase security even more. To start with, you have to choose a password known only to you, and enter it each time you want to log on to do one or more transactions. We strongly recommend that you change your password at least once a month to minimize any chance of it being discovered. All you need to know to manage your password securely is explained in the section entitled “A well-managed password is safer”! (See below).

In fact, with the measures implemented by NBDB and the preventive measures we recommend to you, using the Internet to carry out your brokerage transactions is as safe as contacting our Investor Services.

YOUR SHARE OF THE RESPONSIBILITY!

Our security standards are very high. However, the Internet itself and the computer software you use may also have an impact on the security of your transactions. That is why you should take the necessary measures to maintain a high level of security when you do your brokerage activities with our transactional site.

For example, it is in your interest to become familiar with your Internet browser and identify the security level it offers you. Also pay attention to the messages which your software and computer may give you when you surf the Internet.

Install a personal firewall.

It is highly recommended that you install personal firewall software on your computer, especially if you use a high-speed Internet connection. This type of software gives you additional protection to prevent unauthorized individuals from taking remote control of your station or from accessing your confidential data without your knowledge.

A WELL-MANAGED PASSWORD IS SAFER!

The password is your simplest and most effective way to control access to your confidential information. Managing your password well maximizes your security. Here are the main areas you must pay attention to in managing your password:

Password format
Your password must be made up of 8 alphanumeric characters of your own choice (must be a combination of numbers and letters).

Choice of password
The challenge is to find a password which you'll remember easily, but which will be hard for someone else to guess. For example, you can:

  • join a few words that make up a common phrase (e.g. milk1cow);
  • change the spelling of words (e.g. 120burds);
  • take the first letters of each word in a sentence about you and add numbers ("I'm going on vacation on April 27" becomes "Igovo427");
  • use the first letters or part of each word in an expression, song title or proverb ("Early to bed, early to rise" becomes "E2bede2r").

Important! Do not use any of the above examples as your actual password.

Avoid choosing a password based on personal information (name, surname, names of your spouse or children, date of birth, social insurance number, telephone number, a word in the dictionary, a word in the dictionary spelled backwards, name of a sports team, registration number, etc.). Although easier to memorize, such a password is more likely to be discovered by hackers.

Password security
Here are a few more pointers to ensure that your password helps give your transactions maximum security.

  • Never reveal your password to anyone.
  • Change your password regularly (at least once a month) to make it less likely for it to be discovered. If you suspect that your password has been discovered, select a new one immediately.
  • Use a different password for each of your applications.
  • Don't use the same password as the one that gives you access to your computer at work.
  • Don't use your PIN (personal identification number) for your password.
  • If you write your password down, disguise it. We strongly recommend, however, that you DO NOT WRITE YOUR PASSWORD DOWN. If you absolutely have to do so, do it in such a way that only you will be able to recognize it, and keep it in a safe place.
  • Don't save your password on your computer. Passwords should never be saved on your computer.

Keep in mind that your password is like the key to your house: you must take all the necessary precautions to prevent it from falling into someone else's hands.

Changing your password
For added security, we suggest that you change your password regularly (on a monthly basis) to make unauthorized access more difficult. To change your password, simply go to the “Preferences” section of the navigation bar at the top of our transactional site screen while you are logged on. You will be prompted to enter your new password twice.

When you change your password, please keep the following tips in mind:

  • Try to choose one you haven't used yet.
  • Don't use the same password more than twice in the same year.
  • Don't just choose two passwords and alternate between them.
  • Choose a secure password using the helpful hints in the password section.

In case you forget!
If you really can't remember your password, speak with one of our representatives from our Investor Services at 1-888-363-3511 (toll free) or 514-866-6755. They will assign you a temporary password to give you access to our transactional site. You must then select a new secure password.

BROWSER REQUIREMENTS FOR OUR TRANSACTIONAL SITE

To access our transactional site and benefit from all the security required for your brokerage transactions, you MUST have one of the following browser versions:

For PC users:

  • Microsoft Internet Explorer, Version 8 or higher
  • Mozilla Firefox, Version 3.5 or higher

For Macintosh users:

  • Safari, Version 4 or higher
  • Mozilla Firefox, Version 3.5 or higher

THE WHOLE TRUTH ABOUT COOKIES!

A cookie is a feature that enables a browser to store information provided by the user and save it in a small text file on the hard disk. This information may be used later to simplify your navigation through our transactional site. Please note that with our transactional site no personal information is saved without your consent. Moreover, the information contained in cookies is intended solely to facilitate management of your work session. It is never transmitted to legal or other entities or permanently saved, as it is deleted as soon as you terminate your session.

Several sites offer information on this topic, including: http://www.microsoft.com/info/cookies.htm

Please note that these sites are not endorsed by NBDB and that the Bank assumes no responsibility as to their contents.

SOME MORE DOS AND DONT'S

  • Erase the cache memory of your browser. The cache memory is used to locally store Internet pages consulted, which improves the performance of your browser when you revisit the sites. You can find out more about cache memory by going to the FAQ section.
  • Never open an executable file received by email unless you trust the source and are sure that the sender has an updated antivirus program.
  • Make sure the hard disk of your workstation and the printer are not in shared mode.
  • Install the security upgrades for Windows, Microsoft Internet Explorer, and Microsoft Office and keep them up to date: http://www.microsoft.com/downloads.
  • Install recognized antivirus software and update it. If you use Microsoft Word and Excel, activate Macro virus protection.
  • If you use Microsoft Word and Excel 2000 or a later version, set the security level to average or higher. This measure will notify you by a dialogue box of any unsigned macros and will let you disable them.
  • If a Word document received by e-mail seems suspect, it is preferable to open it with Notepad rather than with Word, because Notepad does not recognize and will not open macros.
  • Do not remain connected to the Internet unnecessarily.
  • Make sure that your personal firewall and your antivirus software are active before you access the Internet.
  • Regularly make backups of your important files.
  • Never leave your computer unattended, especially if it is not protected by a screensaver.
  • Do not download or install freeware, shareware or demo software for which you do not know the source.
  • Always sign out by clicking on the “Sign Out” button available on the top left corner and close your browser to erase any information in your computer's cache.

 

Questions and comments


  
  
         #