Cybersecurity Tips to Keep Confidential Personal and Financial Data Safe
STRS Ohio employs multiple cybersecurity measures to ensure that member and employer information stays safe. Behind the scenes, Employer Self Service (ESS) uses several layers of security to prevent bad actors from accessing sensitive data. Here are some things you can do to help keep information safe:
- Be wary of requests to change banking information — If you send ACH or wire payments through your bank, STRS Ohio’s bank routing number and account number can be verified on the STRS Ohio Employer Website. See the Payment Options document for payment remittance and bank information. The most secure way to submit payments to STRS Ohio is through direct debit, which can be set up in ESS. See the Direct Debit Fact Sheet for more information. If you receive an email asking you to change bank information, contact the Employer Reporting Department toll-free at 888‑535‑4050 to confirm the request is legitimate before making changes.
- Send files using secure file upload — Whether you need to send a properly formatted payroll report file or a copy of an SSA-1945 form, using the secure file upload tool ensures an added layer of security. You should never include full Social Security numbers in emails or send SSA-1945 forms as attachments.
- Update your contact information in ESS — Verify that all individuals listed under Employer Contacts in ESS are up to date. You can update contact information using the Request Access form in ESS. A step-by-step guide is available in the ESS Instructions.
- Check the sender’s email address — If an email seems unusual, look at the sender’s email address to make sure the message came from a reliable source. Any email coming from STRS Ohio will end with “strsoh.org.” An email from a different domain such as “gmail.com,” “mail.net” or “strsoh.info” is not valid. If you are unsure, do not reply to the email. Always choose an established method of communication such as calling us directly at 888‑535‑4050 or sending a new email to [email protected].
- When in doubt, contact us by calling toll-free at 888‑535‑4050 — Do not hesitate to contact STRS Ohio directly via phone to verify information and speak to a member of the Employer Reporting Department.
Stay alert when using email. One of the most common methods criminals use to access confidential information is a tactic called social engineering, which is an attempt to trick someone into giving up information or click a malicious link. Often, criminals will pose as people you have personal or business relationships with to manipulate you into giving them what they want.
Again, if you encounter any unusual requests or emails, call STRS Ohio toll-free at 888‑535‑4050 to speak with a member of the Employer Reporting Department.