This statement has been designed to help you understand the security measures CMS Energy has taken to protect the information you send us via the Internet. Our Privacy Statement explains what information is gathered and how it is used.
Contents of Security Statement:
Does CMS Energy protect my sensitive information?
What is encryption?
How do I know when a web site is secure?
Which parts of the CMS Energy web site are secure?
Is there anything I can do to help strengthen security?
Sometimes I get a security warning message. What is this, and why do I get it?
For more information
Yes, CMS Energy has implemented many levels of security to protect the information you share with us. We have implemented industry standards and CMS Energy-specific measures to protect your sensitive information. In certain areas of our web site a secure connection between your browser and our site is established. This is done using encryption technology. We've also implemented steps to help verify a guest's identity before processing certain types of requests from that guest.
Encryption is a security technique used to protect information by making it unreadable during transmission. CMS Energy uses Secure Socket Layer (SSL) technology, which is the current industry standard for encryption. SSL works with secure browsers, like Netscape (version 2.0 or greater) and Internet Explorer (version 2.1 or greater). By using SSL, information is scrambled before it leaves your browser and is unscrambled when it reaches our site. Should someone intercept the transmission it will be unreadable and will be extremely difficult for them to translate into a readable message. In case you are not sure if your browser supports encryption or not, we have taken some additional precautions. If your browser does not support encryption, you will get an error message and won't be able to use the associated application.
Normally a web site does not have security activated because most web pages only display publicly accessible information. However, when sensitive information is passed, SSL security is turned on. Internet browsers have a feature that allows you to determine if security is active. Please identify the browser you are using below and follow the appropriate instructions. If you are using a browser not listed, please check your browser’s help files for instructions or contact their technical support.
Netscape: To determine if security is activated on a page, position the mouse cursor on the portion of the web page in question and click the right mouse button. Select View Info or View Frame Info from the drop-down menu and the page information will be displayed. Look at the Security section to determine if the page is secure or unsecured.
Microsoft Internet Explorer: To determine if security is activated on a page, position the mouse cursor on the portion of the web page in question and click the right mouse button. Select Properties from the drop-down menu and the page information will be displayed. Look at the Connection section to determine if the page is secure or unsecured.
Most of the information on the CMS Energy web site is public and accessible by everyone. Consequently an "insecure" mode is appropriate for those areas. Some parts of the web site provide access to specific information related to a guest. Before accessing such information the guest must provide unique identifiers. Personal information and identifiers should be protected and therefore, we activate SSL when this information is passed. Verify that security is activated, as explained under How do I know when a web site is secure? before sending such information.
Absolutely. Below are a few easy suggestions that will help protect information:
- Before sending sensitive information always verify that security is activated, as explained under How do I know when a web site is secure?. If the area is not secure, don’t send the information.
- Pick unique identifiers that are easy for you to remember (without writing down) and difficult for others to guess. Avoid the obvious, like your name, address, phone number, account number. Also avoid sequential series, like 1234 or abc or xyz. Use at least six characters, try to use a combination of letters and numbers, for example g0wattz (zero instead of "o" and "z" instead of "s") or smi1ez (one instead of "l" and "z" instead of "s").
- Keep your unique identifiers private, don't share them with others and change them if you think that they may have been compromised
- If someone calls you, representing him/herself as a CMS Energy employee, and asks for your unique identifiers don't tell them. Instead, contact us immediately at 1-800-788-0770.
A message or box, may appear when visitors enter secure pages. This is normal and is controlled by the security settings on your browser. A similar warning may appear when leaving a secured part of the site and before entering a section that does not have security activated. All applications within the Online Customer Service Center and Online Career Center have been secured.
For more information
If you have any questions about this Security Statement, the practices of this site, or your dealings with this web site, you can:
- Send email to firstname.lastname@example.org
- Or if you prefer send mail to the following postal address:
One Energy Plaza
Jackson, MI 49201
Check back to the CMS Energy homepage often to see what other services we have to offer. For help using this system, please e-mail email@example.com or call Customer Service at 1-800-477-5050.
Revised March 7, 2003