Technological Protection

We recognize that the information contained on the website (“the Site”) is ultimately owned by you as the user of the Site. As such, the Site is obligated to use the technological means necessary to protect your information from unauthorized access or usage. Below are some of the technologies and best practices that are in place for the Site to protect both your identity and your information:

  • Personally Identifiable Information (PII) and Confidential Information are encrypted in storage, in transit, and at rest utilizing a minimum of 256-bit encryption.
  • Login credentials including IDs, passwords, and any other data used in the identification, authentication, or verification processes are encrypted utilizing a minimum of 256-bit encryption.
  • The data center supporting the Site uses physical security controls including authorized access lists, security badge access, motion detection, video surveillance, visitor identity verification, and visitor escorts to ensure that only authorized users have access to the IonTuition data center.
  • The data center supporting the Site is monitored by onsite personnel 24x7x365 and data center personnel monitor systems and alerting mechanisms at the same frequency to ensure that unauthorized access to Site systems or your information does not occur.
  • Annual security assessments against the information security standards listed below are performed for the Site. These annual security assessments are performed by independent and certified information security assessment companies to ensure objective and complete compliance.
  • Routine vulnerability assessments and penetration tests on the systems supporting the Site are conducted ensure that no vulnerabilities exist which might allow a person to obtain unauthorized access to your information.

Process Protection

In addition to technological protection, we recognize that human behavior is as important to the protection of your information as technological protection. As such, the following processes have been implemented for the Site to ensure the protection of your information:

  • Annual job-specific training of employees supporting the Site is conducted with regards to identification and prevention of information security breaches.
  • Annual training of employees supporting the Site is conducted with regards to the identification and prevention of identity theft and fraud.
  • We ensure that secure connections are initiated between your computer and the Site.
  • uses multi-factor identity verification before granting access to the Site and the information contained within.

Personal Protection

We take great care to ensure that we’re doing everything possible to protect your personal and confidential information. In spite of our exhaustive efforts, there is still a personal burden, which falls on you to ensure that your identity and personal information remains secure. Below are a few tips to follow to ensure that your information is not compromised. 

  • Make sure that you keep your software and operating system versions current.
  • Ensure that you install all security updates as recommended by your software, operating system, and hardware manufacturers.
  • Install and maintain current anti-virus, malware, and personal firewall software on your personal computer.
  • Be aware of potential threats such as keystroke loggers, phishing, and social engineering.
  • Refrain from having your computer remember user IDs and passwords to enable automatic login.
  • Change your password every 30 to 60 days and use strong passwords consisting of a minimum of 8 characters and including at least 1 upper case letter, 1 lower case letter, 1 number, and 1 special character.
  • Use passwords that are not comprised of words that would be easily guessed by someone who knows you or that could be easily found out by someone who doesn’t know you.
  • Use passwords that are not found in the dictionary.
  • Do not share your Login ID or password with anyone including or i3 Group employees.
  • Always log off of the Site when you have finished your activities.
  • Avoid using any computer that you are not positive you can trust with the safety and security of your personal and confidential information.
  • Never provide any personal information, user IDs, passwords, PIN numbers, account numbers, etc. via email or to an unsecure website. If any such information is requested via email, you should place a telephone call to the originator so you can verify their identity and need for the information before providing it. If requested to enter such information into a website, you should verify that it is a site you can trust and make sure the site is secure by looking for the SSL padlock in the address bar of your browser.
  • Do not open emails from unknown senders and use caution when opening unexpected or suspicious attachments from a known sender.
  • Check your credit report and account statements regularly for unauthorized or suspicious activity.
  • Pay attention to email or text alerts from any website to which you subscribe to such alerting as they will often provide early warnings of identity theft or fraudulent activity.

Bank Level Security protects your information with the same or better security controls used by financial and government institutions. These controls include, but are not limited to, 256-bit encryption as well as actively monitored logical and physical security controls that meet or exceed industry standards. Our controls are independently monitored and verified by Digicert®—the very same certification authority trusted by intel®, Microsoft®, Facebook®, the U.S. Department of Homeland Security, and 40,000 other customers.

Email Notifications notifies you any time a change is made to the information you have stored on our site. These notifications include account registrations, password changes, profile updates, and status changes that prevent unauthorized access to, or modification of, your information.

Account Transactions, its supporting systems, and data center are monitored by onsite security personnel and redundant, automated monitoring systems. We safeguard your information every minute of every day to identify unusual or suspicious activity and preempt breaches.

24x7x365 Protection, its supporting systems, and data center are monitored by onsite security personnel and redundant, automated monitoring systems. We safeguard your information every minute of every day to identify unusual or suspicious activity and preempt breaches.