Security is critical to Alltuition

Alltuition is committed to safeguarding your personal information. We use a variety of security measures, including encryption and authentication tools, to keep your personal information secure. Your personal information is stored behind firewalls and access is restricted to a limited number of people who are required to keep the information confidential.

Specifically, our servers are housed in a secure facility monitored around the clock by dedicated security staff, our software is developed using industry-standard security best practices, and our employees act in accordance with security policies designed to keep your data safe. See below for more details.

Physical & network security

  • Sensitive data is encrypted using industry-standard methods when stored on disk or transmitted over public networks.
  • Symmetric cryptographic keys are required to be at least 128 bits long. Asymmetric keys must be at least 2048 bits long.
  • Security updates and patches are installed on servers and equipment in a timely fashion.
  • Alltuition’s system is accessible via 128-bit or higher SSL certificates issued by RapidSSL.
  • Your payment information is not seen or stored by Alltuition, only our highly-secure payment processing system.

Web application security

  • Applications developed in-house are subject to strict quality testing and security review. Web development follows industry-standard secure coding guidelines, such as those recommended by OWASP.

Organizational security

  • Access to sensitive data, including application data and cryptographic keys, is strictly controlled on a need-to-know basis.
  • Security systems and processes are tested on a regular basis.
  • All access to secure services and data is strictly logged, and audit logs are reviewed on a regular basis.
  • Security policies and procedures are carefully documented, and are reviewed on a regular basis.