We recognize that the information contained on the iontuition.com website (“the Site”) is ultimately owned by you as the user of the Site. As such, the Site is obligated to use the technological means necessary to protect your information from unauthorized access or usage. Below are some of the technologies and best practices that are in place for the Site to protect both your identity and your information:
- Personally Identifiable Information (PII) and Confidential Information are encrypted in storage, in transit, and at rest utilizing a minimum of 256-bit encryption.
- Login credentials including IDs, passwords, and any other data used in the identification, authentication, or verification processes are encrypted utilizing a minimum of 256-bit encryption.
- The data center supporting the Site uses physical security controls including authorized access lists, security badge access, motion detection, video surveillance, visitor identity verification, and visitor escorts to ensure that only authorized users have access to the IonTuition data center.
- The data center supporting the Site is monitored by onsite personnel 24x7x365 and data center personnel monitor systems and alerting mechanisms at the same frequency to ensure that unauthorized access to Site systems or your information does not occur.
- Annual security assessments against the information security standards listed below are performed for the Site. These annual security assessments are performed by independent and certified information security assessment companies to ensure objective and complete compliance.
- Routine vulnerability assessments and penetration tests on the systems supporting the Site are conducted ensure that no vulnerabilities exist which might allow a person to obtain unauthorized access to your information.
- Annual job-specific training of employees supporting the Site is conducted with regards to identification and prevention of information security breaches.
- Annual training of employees supporting the Site is conducted with regards to the identification and prevention of identity theft and fraud.
- We ensure that secure connections are initiated between your computer and the Site.
- Iontuition.com uses multi-factor identity verification before granting access to the Site and the information contained within.
- Make sure that you keep your software and operating system versions current.
- Ensure that you install all security updates as recommended by your software, operating system, and hardware manufacturers.
- Install and maintain current anti-virus, malware, and personal firewall software on your personal computer.
- Be aware of potential threats such as keystroke loggers, phishing, and social engineering.
- Refrain from having your computer remember user IDs and passwords to enable automatic login.
- Change your password every 30 to 60 days and use strong passwords consisting of a minimum of 8 characters and including at least 1 upper case letter, 1 lower case letter, 1 number, and 1 special character.
- Use passwords that are not comprised of words that would be easily guessed by someone who knows you or that could be easily found out by someone who doesn’t know you.
- Use passwords that are not found in the dictionary.
- Do not share your Login ID or password with anyone including iontuition.com or i3 Group employees.
- Always log off of the Site when you have finished your activities.
- Avoid using any computer that you are not positive you can trust with the safety and security of your personal and confidential information.
- Never provide any personal information, user IDs, passwords, PIN numbers, account numbers, etc. via email or to an unsecure website. If any such information is requested via email, you should place a telephone call to the originator so you can verify their identity and need for the information before providing it. If requested to enter such information into a website, you should verify that it is a site you can trust and make sure the site is secure by looking for the SSL padlock in the address bar of your browser.
- Do not open emails from unknown senders and use caution when opening unexpected or suspicious attachments from a known sender.
- Check your credit report and account statements regularly for unauthorized or suspicious activity.
- Pay attention to email or text alerts from any website to which you subscribe to such alerting as they will often provide early warnings of identity theft or fraudulent activity.