ClassLink is committed to ensuring that all Personally Identifiable Information (PII) entrusted to us is secure and that the privacy of both its customers and staff members is protected. Your data privacy is our top priority, and our commitment to transparency in safeguarding your data is the ClassLink difference. 

ClassLink maintains a wide range of security controls to ensure the confidentiality, integrity, and availability of your data.  

Private Cloud

Unlike most other cloud companies, ClassLink is your private cloud. We integrate with existing local networks and pass off authentication to your servers behind your firewall. We only keep enough data to identify your users in our system and only the groups specified by your administrators.

Everything is Encrypted

From your connection to our website, communication to our API servers and communication down to your local network, we use HTTPS/SSL for all communication. All our API calls require a temporary unique token that is assigned to your session and automatically deleted after you log off.

Secure Single Sign-Ons using ADFS/SAML

ClassLink can create secure connections to existing ADFS and SAML authentication sources eliminating the need to exchange passwords.

AES-256 bit Encryption

Every single user has their own unique key for their data. Sensitive data is encrypted for all users with AES-256 bit encryption.

Deliver Windows Apps with Web Socket Secure

Easily and securely run Windows apps from any device with just one click. Our connections use either SSH or WSS (Web Socket Secure).

Privacy of Data

ClassLink maintains data that can be categorized into two areas. Data related to customers and data related to our company.

ClassLink maintains data needed for the operation of the ClassLink system. This data includes what is generally regarded as Directory Information such as name, school building affiliation, grade level, and email address. ClassLink may also maintain profile pictures, cell phone numbers for students age 13+ (to send password reset verification codes), student ID numbers, login credentials for various online resources, and personal computer files (temporarily cached for file transfers between cloud drives and stored until deleted by user for the ClassLink cloud drive). ClassLink does not generally maintain information such as mailing address, gender, date of birth, and other personal demographic data.

We also maintain a variety of personal data about staff members needed for ClassLink human resources and payroll purposes.

ClassLink is committed to ensuring that all Personally Identifiable Information (PII) entrusted to us is secure and that the privacy of both its customers and staff members is protected.

Read more about our commitment to data privacy.

Encryption & Encryption Key Storage

All Personally Identifiable Information (PII) is encrypted at rest and in transit. We use strong encryption algorithms including AES-256 with rotated encryption keys. Key exchanges are made using strong cryptographic protocols, and all keys are protected from end to end.

Data Isolation

Your data always remains in your control, and never co-mingled with anyone else’s data. Your demographic data, and any other protected information resides on your own on-premises or exclusive cloud-based servers, and is shared with cloud applications at your discretion.

Vulnerability Management

Vulnerability management is an essential component of ClassLink’s information security program. Vulnerability assessment consists of simulating attacks on networked assets to identify their potential vulnerabilities. Remediation and disclosure of these vulnerabilities is key to keeping your information safe and secure.

Penetration Testing

ClassLink systems undergo regular security scanning and penetration testing to detect and minimize vulnerabilities and eliminate threats to your confidential data. This is done by both in-house and by third-party consultants to most effectively detect any vulnerabilities.

Disaster Recovery

ClassLink maintains a business continuity plan to prepare for the possibility of extended service outages caused by factors beyond our control, like natural disasters or man-made events, with the objective to restore services to the widest extent possible in a minimum time frame. All ClassLink sites are expected to implement preventive measures whenever possible to minimize network failure and to recover as rapidly as possible if and when a failure occurs.

Incident Management

ClassLink has defined and maintains a clear set of procedures should any unauthorized access to your private data occur. This ensures that the root cause of such an incident is identified and remedied as quickly as possible.

Change Management

ClassLink adheres to a change management process and system to apply changes, upgrades, or modifications to customer facing ClassLink products and services as well as internally used business management products and services. We also use this process to manage modifications to the ClassLink internal network, server hardware, and software. A strong change management process enables us to reduce the risk of information corruption, system disruption, and loss of productivity.

Risk Assessment & Management

A risk is an event or condition that, if it occurs, could have a positive or negative effect on ClassLink activities. ClassLink uses Risk Assessment tools to identify, monitor, assess, report, and respond to risks associated with our activities.

Risk assessment and management provides a framework for the performance of periodic information security risk assessments to determine areas of vulnerability associated with ClassLink activities, and to initiate appropriate remediation, if necessary. Our Risk Assessment Process defines how risks associated with ClassLink activities will be identified, analyzed, and managed, and outlines how risk management activities will be performed, recorded, and monitored throughout the lifecycle of a project.

Server Security

Unsecured and vulnerable servers are an entry point for malicious threats. ClassLink’s server installation policies and configuration management procedures are used to secure servers and avoid threats and vulnerabilities. 

Data Backup

ClassLink continually backs up critical data and tests its backups to ensure the accessibility of its information assets to staff and customers. This process prevents the loss of data in the case of an accidental deletion or corruption of data, system failure, or disaster. It also ensures timely restoration of data should accidental deletion or corruption occur.

Patching

Unsecured and vulnerable servers are an entry point for malicious threats. ClassLink relies on consistent server installation and maintenance policies to secure servers and avoid vulnerabilities. 

Security Response Planning

Security Response Plans are created by the ClassLink teams associated with ClassLink products and services as well as internally used business management products and services. These plans are used by ClassLink management to assist in awareness and coordinated response in the event of a security vulnerability or incident. Security Response Plans contain contact information for key personnel associated with the program or service, escalation paths, expected service level agreements, severity and impact classifications, and mitigation and remediation timelines.

Information Logging & Log Review

ClassLink maintains logs from critical systems, applications, and services which can provide key information and indicators of data compromise. The logs are critical for forensic analysis, and are reviewed on a regular basis to proactively respond to potential data issues.

Background Checks

Employee candidates and existing employee background checks are an essential part of security. ClassLink employees are carefully screened and vetted to ensure that your data remains in safe hands. All of our employees sign nondisclosure agreements to prevent the release or misuse of any confidential data.

Security Awareness Training

All ClassLink employees take part in regular security awareness training to ensure that we maintain a culture of security for ourselves and our customers. Ongoing training campaigns, correlated with security testing, helps us to stay ahead of security threats throughout the industry.

Data Breach Insurance

ClassLink maintains cyber liability insurance against the possibility of a data breach.

Security Audits

We conduct regular security audits using third-party security firms to test and refine our protocols to ensure security and privacy. Our security audits evaluate both our core product platforms and our Application Programming Interface (API).

ClassLink has undergone the following security audits:

  • SOC 2 Type II – Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy.
  • CSA STAR – Rigorous third-party independent assessment of the security of a cloud service provider.
  • ISO 27001 – Framework of policies and procedures for an organization’s information risk management process.

Privacy Statement

ClassLink is committed to ensuring that your information is secure and your privacy is protected.

Read More