Cyber security

Quick tips for protecting your device

Most smartphones and tablets offer password protection and security features that let you remotely lock your device or even erase all of your data if it is lost or stolen.

A firewall on your computer and router protects your machines from unauthorized intruders.

Viruses can disable your computer, and spyware can steal your passwords and account numbers.

If you visit a website that looks questionable, leave. Some free games and free downloads are really tricks to get you to download viruses or spyware.

Change your usernames and passwords for sites you use, especially sites that may contain information about your bank accounts. Contact your financial institutions to look for fraudulent activity. Many companies can set up alerting and monitoring on your account activity.

When a computer or mobile phone company discovers a security threat, they’ll create a fix for it. Set up your systems to update software automatically for added security.

Wireless Protected Access 2, or WPA2, is the safety technology that helps protect your wireless connection.

Quick tips for protecting your accounts

Strong passwords contain a mix of lowercase and uppercase letters, symbols and numbers. Don’t use a password that’s easy to guess, like “12345” or “password.”

Using unique passwords protects your online accounts. If the password for one account is hacked, the others remain safe. Focus on your important accounts first. Think email, financial and social media accounts. And online shopping accounts that store your credit card numbers.

Also, don't store your usernames and passwords on your devices. Otherwise, anyone with access to your computer can log into your important accounts.

It’s OK to write them down. Just make sure you take steps to secure that list. If someone can access it, they can access all of your accounts. If you write your passwords down on paper, lock it in a drawer or safe. If you keep them in a document on your computer, give it an anonymous name (not passwords.doc) and encrypt it, if possible. If you use an app to manage passwords, such as LastPass, SplashID, KeePass or 1Password, use a very strong, unique password to protect it!

Most sites use one or more question-and-answer combinations to reset your password if you forget it or get locked out your account. When selecting the answers for these questions, don’t use anything that’s publicly known or that you’ve posted on social media sites. The secrecy of this information is just as important as your password. You may need it to get back into your account someday, but you want to ensure you’re the only one who can do so.

At Nationwide, protecting your personal information is important. We strive to ensure that our systems are safe, secure, and available. If you have discovered a potential security issue with our systems or applications (e.g., websites, mobile apps), we want to know about it so we can fix it. In doing so, we respectfully request that you adhere to the following guidelines.

• The disclosure email outlines the vulnerability, along with supporting details (e.g., executed commands, tool output, affected assets). Screenshots and video recordings are highly encouraged
• Vulnerability information is not publicly released unless Nationwide has granted you permission
• Contact information is provided so we may contact you with any questions
• Patience is exercised as we seek to understand the best method for mitigating the disclosed vulnerability

• Serious consideration and review of every disclosure submission within three (3) business days
• Nationwide will update you, as necessary, with mitigation effort status

• No social engineering or phishing attempts of any kind against Nationwide employees and contractors
• No denial-of-service testing
• No use of malware
• No testing that may cause damage to Nationwide’s systems

To report vulnerabilities to Nationwide, please email vulnerabilitydisclosure@nationwide.com