Security is critical to Alltuition
Alltuition is committed to safeguarding your personal information. We use a variety of security measures, including encryption and authentication tools, to keep your personal information secure. Your personal information is stored behind firewalls and access is restricted to a limited number of people who are required to keep the information confidential.
Specifically, our servers are housed in a secure facility monitored around the clock by dedicated security staff, our software is developed using industry-standard security best practices, and our employees act in accordance with security policies designed to keep your data safe. See below for more details.
Physical & network security
- Sensitive data is encrypted using industry-standard methods when stored on disk or transmitted over public networks.
- Symmetric cryptographic keys are required to be at least 128 bits long. Asymmetric keys must be at least 2048 bits long.
- Security updates and patches are installed on servers and equipment in a timely fashion.
- Alltuition’s system is accessible via 128-bit or higher SSL certificates issued by RapidSSL.
- Your payment information is not seen or stored by Alltuition, only our highly-secure payment processing system.
Web application security
- Applications developed in-house are subject to strict quality testing and security review. Web development follows industry-standard secure coding guidelines, such as those recommended by OWASP.
- Access to sensitive data, including application data and cryptographic keys, is strictly controlled on a need-to-know basis.
- Security systems and processes are tested on a regular basis.
- All access to secure services and data is strictly logged, and audit logs are reviewed on a regular basis.
- Security policies and procedures are carefully documented, and are reviewed on a regular basis.