Edunation Data Security
Our top priority is to keep your data safe!
Edunation hosts its application and data in industry-leading Amazon Web Services, whose data centers have been thoroughly tested for security, availability and business continuity. For more details, please read the AWS Security Whitepaper.
This secure facility is protected by the most modern access control in-use with dedicated facility management spaces. Only Edunation authorized technical staff can access the servers physically. Our backups are hosted on an Amazon backup storage service and S3 secure buckets.
Data Redundancy and Backup
Files are stored on a pair of servers behind our firewall. Files are copied from the master storage to slave storage (i.e. secondary backup storage). Our systems are designed with redundancy in mind, in this way the master storage can fail at any time, and a quick intervention brings the duplicate database into service within 10 minutes with zero data loss.
In addition to database redundancy, we have a fully redundant files backup system. Files are backed up every day using incremental versioning to Amazon Web Services S3. The versioning enables the persistence of files that were deleted in the main storage system.
We keep a history of all files indefinitely, which enables us to retrieve files deleted up to one year ago.
We combine enterprise-class security features with comprehensive audits of our applications, systems, and networks to ensure customer and business data is always protected. And our customers rest easy knowing their information is safe, their interactions are secure, and their data is protected.
All systems, networked devices, and circuits are constantly monitored by both Edunation and the co-location providers.
Third-Party Penetration Tests
In addition to our extensive internal scanning, each year Edunation employs third-party security experts to perform a broad penetration test across the platform.
Communications between you and Edunation servers are encrypted via industry best-practices 256bit, Class A HTTPS and Transport Layer Security (TLS).
Security Incident Response
In case of a system alert, events are escalated to our 24/7 teams providing Operations, Network Engineering, and Security coverage.
Our disaster recovery program ensures that our services remain available or are easily recoverable in the case of a disaster.
Our QA department reviews and tests our code base. Several dedicated application security engineers on staff identify, test, and triage security vulnerabilities in code.
Testing and staging environments are separated physically and logically from the production environment. No actual customer data is used in the development or test environments.
Dynamic Vulnerability Scanning
We employ a number of third-party, qualified security tools to continuously scan our application. Edunation is scanned daily against the top security flaws.
Access Privileges & Roles
Access to data within your Edunation is governed by access rights, and can be configured to define granular access privileges.