For an optimal site experience, we recommend using a different browser.
Using Internet Explorer may prevent you from accessing, and some site features may not function as expected.

skip to main content

Information Security and Privacy Practices

Data security has always been a top priority for Chubb—and is now more important than ever. Chubb takes a multidisciplinary and multi-faceted approach to the protection of personal and corporate information. We use administrative (e.g., governance and policy), technical (e.g., security tools) and physical safeguards (e.g., locks and other physical security measures) designed to protect information in our care. And we employ data protection strategies that are designed to monitor security threats, as well as clear protocols to respond to them.

Data Protection Culture

At Chubb we actively promote a data protection culture. We maintain policies and standards designed to protect personal and corporate information that have been developed by a multi-disciplinary team including representation from information security and IT compliance, privacy, IT legal, compliance and business representatives.

Technological Tools

Chubb uses information security tools designed to protect information and systems (e.g., encryption, firewalls, intrusion detection and prevention systems, patch management and identity management systems). Our Information Security Team regularly monitors these tools to discover anomalous and suspicious patterns and is prepared to respond immediately. Chubb participates in information sharing networks (government and private) and deploys system updates and other technology as appropriate.

Employee Training

Chubb provides all employees with data protection training, covering topics like password management, secure transmission, social engineering (e.g., schemes to trick people into breaking normal security procedures to perform certain actions or to divulge confidential information) and privacy compliance. Employees involved with information protection, privacy and other risk management specialties also engage in specialized role-based training. Chubb uses a variety of training methods, including computer-based training, role-based training, company intranet awareness campaigns and various simulation exercises.

Risk Assessments and Audit

Chubb’s information security policies and protocols undergo regular assessments and audits. In addition, we benchmark our programs against key regulatory frameworks.

Social Media Guidelines

Users who access Chubb’s social media platforms — including, but not limited to, Twitter, Facebook, LinkedIn, Instagram and YouTube — are asked to be respectful, relevant and safe. For more detail, see our Social Media Guidelines.