Helping to keep your plan secure
Keeping retirement plan and participant data secure is a mission-critical priority at John Hancock. As the threats to cybersecurity become more sophisticated, so do our efforts to keep your plans safe.
We're committed to adhering to recognized international technology and security standards.
- PCI DSS compliant*
- ISO 27001 certified company compliant*
- Sarbanes-Oxley compliant
- AICPA SOC 1 Type 2 and SOC 2 Type 2 compliant
*John Hancock leverages the advantages of Microsoft's industry certifications to enhance our operations.
Multi-tiered approach
Technology infrastructure
Secure, resilient, and redundant
Our infrastructure is in the Microsoft Azure cloud, giving us the benefit of the measures it takes for security, data integrity, and platform resiliency.
- Round-the-clock physical security
- Encryption of all data in transit between Azure's data center and John Hancock
- Layered firewalls
- Application logging and monitoring
- Automated backup controls
- Load balancing
- Currency patching
- Disaster recovery site outside the geographic region
Front-end security
Measures to help protect data at the front line
At the John Hancock level, we have additional safeguards through application management, cybersecurity measures, identity access management, regulatory compliance, and encouraging safe participant online behavior. Our enterprise information security program has comprehensive round-the-clock business resiliency and disaster recovery, and we monitor web traffic for fraudulent third-party access and the presence of certain malicious software.
At the front end of a web transaction: multifactor authentication and risk scores
We use multifactor, risk-based account authentication that analyzes more than 100 factors in real time and assigns a risk score determined by device and behavior profiling.
- Device profiling analyzes the device being used to access our website or mobile application.
- Behavior profiling looks at the record of typical activity for a user.
At the front end of a phone call: phoneprinting
Before we answer a call, Pindrop analyzes 147 factors in real time and assigns a risk score. Phoneprinting looks at factors that include:
- Geographic location
- Call type (e.g., landline or mobile)
- Unique phone
- Noise clarity, background noise, and packet loss
Operational safeguards
Supporting technology with process
Technology solutions aren’t enough—we’ve also implemented processes and procedures that help to secure our network and data.
- Daily monitoring of participant accounts for suspicious activity
- Temporary hold on participant accounts when suspected fraudulent activity is detected
As part of our efforts to keep participant accounts safe and secure, John Hancock offers a Cybersecurity Guarantee.
Under the Cybersecurity Guarantee, John Hancock will, subject to certain conditions, compensate participants for unauthorized transfers of cash out of covered accounts¹ occurring through no fault of their own by reimbursing the amount of any cash included in such an unauthorized transfer.
Learn more about our open-architecture platform
Building your plan
With five decades of retirement plan experience, we consult with you to help you navigate the opportunities, risks, and complexities of plan sponsorship.
Managing your plan
We'll make your job as an administrator and fiduciary easier, including accepting fiduciary responsibility for certain administrative tasks.
Selecting and monitoring investments
Our open-architecture platform makes thousands of funds available as you select your plan's investment lineup, with services available if you'd like some help.
Engaging your participants in the power of their plan
We provide participants with personalized guidance to help them create a plan to meet their unique financial and retirement goals.
Financial professionals—want to learn more about our flexible, scalable open-architecture platform?
Find your local John Hancock representative
¹ Covered accounts include your retirement accounts with John Hancock, such as a 401(k) or profit-sharing plan, for which John Hancock is the recordkeeper.