Security Policy
The State of New Jersey and the New Jersey Division of NICUSA, Inc take your Internet security very seriously. Our technology and policies are designed to make your online transactions with the State of New Jersey safe, private, and secure. Rigorous policies and procedures are utilized to safeguard your personal information, such as social security numbers, banking information, and personal data.
Whenever you use a New Jersey Division of NICUSA, Inc eGovernment Service, the following security measures have been taken:
The New Jersey Division of NICUSA, Inc automatically collects some information when you use our services. It is collected for statistical purposes only. We use the information to make our services easier to use. We do not use it to identify you personally. The information collected includes the following:
- State of the Art SSL (Secure Socket Layer) Encryption - This enables the encryption of sensitive information during an online transaction. Information sent via SSL can no longer be read as plain text.
- Cybertrust Certified - Our policies and procedures have been examined, measured, and validated by Verizon Business Security Solutions Powered by Cybertrust, the global information security specialist.
- Internet Server Security - Hardware and software that controls the data entering and leaving the eGovernment network is monitored and validated for proper security procedures.
- Secure Internal Networks - All data transferred between local and State of New Jersey databases is done via secure FTP or Virtual Private Networks (VPN) to ensure that only authorized user can access the network and no one can intercept data.
- Data Storage Policies - Unless necessary, and you opted into it, we do not permanently store financial information or personally identifying information so it cannot be retrieved or compromised.
- Physical Location Security - All physical locations where hardware and software are located are physically secured and only accessible by individuals with proper credentials.
- Payment Card Industry Data Security Standards (PCI DSS) Compliant - Adherence to performance measurements outlined in the PCI DSS annual self evaluation, as well as submission to regular scans from McAfee Secure to search for network vulnerabilities.
- Application Security - Software tools are employed to scan for individual application vulnerabilities and stability.
- Sarbanes-Oxley Compliant - Adhere to secure change control procedures.
We work hard to protect your personal information while you do business with government online.