Menu

Questions?

Below are some of the more common questions that come up when we talk to people. Take a look to see if yours is answered and if not, drop us a line.

GENERAL
PLANS AND PRICING
DATA
  • Does Scoir sell information about me?

    Never! We do not sell, license, lease, rent, [insert your own synonyms here], or provide any third-parties access to your information. Student data is only accessible by high school counselors (if you attend a SCOIR high school), your parents (if you grant them access), and colleges that you are following (if you make your profile viewable). Parent data is accessible only by the parent. For more information check out our legal terms and policies.

  • Is Scoir a secure platform?

    Scoir's security model is an end-to-end process focused on keeping our users safe and their data secure. The SCOIR platform leverages the public cloud infrastructure provided by Google. How our services interact with this secure platform are governed by the following systems, processes and protocols.

    User Authentication and Credential Management

    SCOIR has controls and practices to confirm the identity of client-users and protect the security of client information. Strict procedures are employed for authenticating that each new client account is initiated and confirmed by a valid and authorized representative of a high school or college institution. Our system requires unique school-validated usernames and passwords that must be entered each time a client-user signs on to SCOIR. A centralized user management system is used to define and control client-users’ access to information and services. Client-users are required to maintain the confidentiality of their usernames and passwords and they are provided with referenceable procedures to follow if they become aware of any unauthorized use of an account.

    Secured Service APIs and Authenticated Access

    All services are managed through a secured global API gateway infrastructure. This API serving infrastructure is only accessible over encrypted SSL/TLS channels, and every request requires the inclusion of a time-limited authentication token generated via human login through the authentication system described above.

    Data Encryption

    SCOIR services encrypt client data stored at rest, without any action required from the client, using 256-bit Advanced Encryption Standard with each data encryption key itself encrypted with a regularly rotated set of master keys. All data traffic between user browsers and our data centers are automatically encrypted using robust public key technologies (2048-bit RSA or P-256 ECDSA SSL certificates issued by a trusted authority) or Transport Layer Security (TLS) for email and message routing.