Security measures


In order to be truly effective, any actions Questrade takes to ensure your security must be made in conjunction with actions you take. And online security doesn't stop online. Safe computing habits also include off-line actions, like shredding documents with personal details or informing businesses – including your brokerage – of any change of address.

A new computer is pre-configured with factory settings. Running your computer with these defaults leaves you open to security breaches. Note: with all security measures, whether software or your operating system, the manufacturer will issue regular notices of updates or patches. Register with each manufacturer to ensure you receive the notices, and install new versions promptly.

  • Anti-virus software
    A hardware-based firewall is stronger, but both will do. Many computers have firewalls built into their operating systems. Ensure you turn off any default firewall before installing a new one. Also, do not run two firewalls simultaneously.
  • Firewall (hardware or software based)
  • Operating System
  • Browsers
    Many browsers include filters that can block phishing sites. The newest editions of Microsoft's Internet Explorer, Mozilla's Firefox, and Opera all include this feature. Filters are an important tool especially when used in conjunction with other anti-piracy tools.
  • Anti-spyware
  • Wireless
    Wireless routers are very convenient. They can also leave your computer vulnerable to malicious hacking. Ensure you change the default password for your router, whether internal, external or wireless. On your network, enable the wireless encryption and disable the SSID (Service Set Identifier). Precise details for encrypting and hiding identifiers are different for every device. Refer to the manufacturer's guidelines for specific details.

With your computer environment secured, the next step is to ensure you protect your online interactions – any point at which you divulge personal details with online businesses.

  • For any activity that requires you input personal information, use your own computer or a machine you can verify. The security level on public computers, whether at a library, an Internet café, or a hotel lobby, cannot be accurately tested or verified as virus and spyware free.
  • Access your brokerage account ONLY from a secure web page using encryption. A secure website address starts with https rather than http. Also look for the closed padlock icon beside the address bar. It appears when the site is verifiably authentic and represents an SSL (Secure Sockets Layer) certificate. Important note: there have been instances of fraudulent use of the SSL icon within the body of an email. See phishing for more information.
  • Empty your cache or browser history. This is particularly important if you are not on your own machine.
  • Pharming sites can be very difficult to distinguish from authentic sites. If you are unsure as to a site's authenticity, right-click on your mouse and then scroll down to properties. Open properties and click on the certificates button. If the site does not have a certificate, it is not secure, therefore any information you enter on it is vulnerable. Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent web sites without their knowledge or consent.
  • Change your password frequently and assign a unique password to every online interaction. Ideally, change your password every month to 6 weeks. Your password should be a minimum of 8 characters. A strong password will be a combination of upper and lowercase, and will also include numbers and symbols, such as a question mark or ampersand.
  • Know who you are dealing with. Questrade WILL NEVER send you an email asking you to provide personal / confidential information. If you receive a suspicious-looking email, report it directly to security@questrade.com. Never send account info online in response to emails (re: phishing and pharming).

Any physical documents that contain personal information should also be safeguarded and monitored. There are numerous steps you should take; the following are particularly important for dealings with financial institutions such as Questrade.

  • Review your statements carefully and be proactive. Make sure any transactions shown are transactions you made.
  • Always keep your mailing and email addresses current. Advise Questrade immediately if you change your contact information.
  • Use a shredder to destroy documents that contain personal information. This includes account statements, unsolicited mail addressed to you such as pre-authorized credit cards, receipts that you no longer need that include a credit or debit card number.