How we safeguard your data

Our role in keeping your data safe

You entrust us with a lot of your sensitive personal information. We don’t take that trust lightly: safeguarding this information is a key priority for us. For us to have the best chance of keeping your information secure, it needs to be an ongoing collaboration with you.

What’s the difference between privacy and security

Information security falls under two categories:

Data security: this is all about how we protect your information from falling into the wrong hands.

Privacy: this is all about how we use your information for business purposes. We have an obligation to collect, use and disclose only the information that we absolutely need. You can see our full privacy commitment here.


Our data security measures

With the world of technology ever changing and evolving, we continue to partner with top technology providers and use first-class technological solutions to support our IT team, employees and clients.

We continuously upgrade our technology, focusing on:

  • Innovative data loss prevention tools
  • Secure computing containers for our field representatives
  • Enhanced monitoring of email and internet traffic
  • Additional email encryption protocols to secure both employee and client information

We also maintain a formal cybersecurity program structured around the National Institute of Standards and Technology Cybersecurity Framework and the related Financial Sector Cybersecurity best practices. We use best-in-class security technologies and platforms to be prepared for evolving online threats.

There are three key areas that we consider to ensure that your data is safe:

1) Internal:

  • We restrict access to both physical and digital documents.
  • Access is limited to a “need-to-know” basis.
  • Everyone in our organization must complete annual privacy and information security training, including on:
    • Mitigating the risk of phishing
    • Social engineering attacks

2) Online:

  • We maintain industry best practice digital security, including:
    • Data encryption
    • Firewalls
    • Time-outs for applications
    • Other data-loss-prevention technologies, including the recently rolled out virtual desktop infrastructure (VDI) laptop solution
  • Digital access is safeguarded by strong password standards and multi-factor authentication.
  • Our data security team is alerted to any unusual activity or behaviour and responds swiftly.
  • We have adopted the National Institute of Standards and Technology cybersecurity framework, which is widely considered to be the global best-practice standard. You can read more about the framework here.

3) Partners

  • We conduct thorough due diligence on all third-party service providers.
  • We ensure strong data security provisions.
  • We conduct regular audits to ensure they continue to meet our standards.


Why does IG encrypt emails

What is email encryption?

Email encryption involves encrypting (or disguising) the content of email messages so that they can only be read by the person that the message is addressed to.

Why does IGM encrypt emails?

IGM encrypts emails to secure the transmission of data and minimize the risk to you and to IGM when sending sensitive data, such as:

  • Documents containing personal information, for example, your SIN and date of birth.
  • Copies of bank or investment statements and tax receipts.
  • Pre-populated documents containing sensitive information.

How to access encrypted emails

We have a simple process for accessing encrypted emails: find out how to do it here

Restrictions on encrypted emails

  • Encrypted emails sent to you cannot be forwarded to others.
  • If you respond to an encrypted email, your email will also be encrypted automatically.
  • For more information, or for questions, please reach out to your IG Consultant.

Your role in keeping your data safe

Cyber criminals know that companies like IG have state-of-the-art security, so instead they often try to gain access through customers’ online activity. Their scams can be so sophisticated that even the savviest people might not realize they’ve been targeted.

How to keep yourself safe:

Be fraud aware

  • Be cautious of any communication (this could be an email, text or phone call) that asks you to provide confidential or financial information.
  • If in doubt, contact the company yourself, directly.
  • Don’t use contact information from the original communication.


  • Create passwords that are long and strong.
  • Keep them private.
  • Ensure your security questions are hard to guess.

Keep software and anti-virus/anti-malware protection up to date on your computers and devices.

Only use secure Wi-Fi when accessing sensitive data from a device. Using unsecure networks, such as in coffee shops, can lead to hackers hijacking your computer and stealing your information.

Review your financial documents often (for example, your confirms, statements, etc.) and report any errors as soon as possible.

Contact information
Make sure that your personal contact information is always up to date, including your email address and cell phone number.


What to do if you suspect fraudulent activity on your accounts

Please call us at 1-888-746-6344 or submit a Contact us form.


More resources to help you protect yourself:

Canadian Anti-Fraud CentreTips on how to protect yourself.

Privacy Commissioner of CanadaInformation on protecting your privacy.

Government of CanadaResources for fraud prevention from the RCMP and other contributors.

Getcybersafe.caHow to secure your accounts, devices and connections.

Protect yourself from different types of fraudIncluding online, identity, credit/debit card and real estate fraud.