eGovernment Services Security Policy

The Maryland Division of NICUSA Inc., eGovernment Services partner of the State of Maryland, takes your Internet security very seriously. Our technology and policies are designed to make your online transactions safe, private, and secure. Rigorous policies and procedures are utilized to safeguard your personal information, such as social security numbers, banking information, or other personal data. SECURED

Whenever you see this icon on a Maryland State eGovernment webpage, the following security measures have been taken or are in place:

  • SSL (Secure Socket Layer) Encryption – This enables the encryption of sensitive information during an online transaction. Information sent via SSL can no longer be read as plain text.

  • Verizon Security Management Program (SMP) – NICUSA’s policies and procedures are regularly examined, measured and validated by Verizon SMP, a global information security specialist.

  • Secure Internal Networks – All data transferred between databases is done via secure file transfer protocols or Virtual Private Networks (VPN) to ensure that only authorized users can access the network and no one can intercept data.

  • Data Storage Policies – As a standard process, NICUSA does not permanently store financial information from online transactions. In rare cases, storage may be required by business need. Users are informed prior to completion of a transaction.

  • Secure Policies and Procedures – Password and network activity audits are performed quarterly.

  • Physical Location Security – All physical locations where hardware and software are located are physically secured and only accessible by individuals with proper credentials.

  • Payment Card Industry Data Security Standards (PCI DSS) Compliant – Adherence to performance measurements outlined in the PCI DSS annual self evaluation, as well as submission to regular scans from Security Metrics to search for network vulnerabilities.

  • Application Security – A software tool is employed to scan for individual application vulnerabilities.

  • Sarbanes-Oxley Compliant – Adhere to secure change control procedures.

The State of Maryland and NICUSA work hard to protect your personal information while you do business with government online.