Security & Availability

Privacy Policy     |     GDPR     |     GDPR FAQ     |     Security & Availability

Online Payment Processing Security

In order to accept online payments, SchoolAdmin integrates with several payment gateways, and follows the security requirements and guidelines required by credit card companies and payment gateways (e.g PCI Compliance) along with additional measures that go above and beyond their requirements.

Handling of Secure Payment Details

Any credit card numbers or electronic check account/routing numbers that are provided to SchoolAdmin are immediately passed through to the payment gateway and are never stored on disk in their completed form (encrypted or unencrypted).

Additionally, with certain payment gateways, SchoolAdmin supports “redirect” style payment processing in which the payment details never actually reach SchoolAdmin servers, and instead are sent directly to the payment gateway.

PCI DSS Compliance

SchoolAdmin is certified as PCI DSS Compliant via the TrustKeeper service provided by TrustWave.  This involves a detailed security assessment (SAQ), as well as a monthly system scan to ensure a high level of security.

PCI DSS stands for the “Payment Card Industry Data Security Standard”, and is required by credit card issuers to ensure that merchants meet minimum levels of security when they store, process and transmit cardholder data.

A summary and history of PCI DSS can be found here: Payment Card Industry Data Security Standard

Application Security & Monitoring

Web Connection Encryption 

All web connections are encrypted and authenticated using TLS 1.2 with ECDHE_RSA with P-256 (a strong key exchange) and AES_256_GCM (a strong cipher). Web sessions cannot fallback to out-of-date protocols or use unencrypted connections.

Web Application Protection

The SchoolAdmin product uses page-specific tokens to avoid Cross-Site Request Forgery (CSRF) attacks. User input into the application is scrubbed to protect against cross-site scripting (XSS) attacks. The application is regularly checked via third-party scans to ensure compliance.  Additionally, developers perform code reviews on database access functionality that is written, to act as an additional line of defense against possible vulnerabilities in the connection between the web application and the database.

Application Monitoring

SchoolAdmin monitors the availability of the SchoolAdmin product and the individual services that the product depends on. The SchoolAdmin technical team is notified immediately should the product not respond to requests or if any of the underlying system services (e.g. data stores, job processing queues) become unavailable. Additionally, the team is alerted to any software application exceptions that occur in the product and has an operational process in place to investigate and fix any such issues.

Server Resource Monitoring

SchoolAdmin has monitors in place that track CPU, memory, and disk utilization on all production servers, and notifies the SchoolAdmin technical team when the usage of those resources goes above pre-defined thresholds. This allows for early detection and remedy of situations that could otherwise cause the site to become temporarily unavailable due to resource consumption issues.

Firewalls and server access

SchoolAdmin network architecture allows only secure and authorized access to the company’s production application network and servers. All server interaction is restricted via security groups and no direct database access is permitted via public internet routes.

Security Patches

SchoolAdmin applies new security patches to all web servers automatically within 24 hours of their release.

Intrusion Detection

SchoolAdmin staff regularly monitor the system for unusual and malicious activity. Additionally, the SchoolAdmin system automatically locks user accounts after too many failed login attempts within a certain time period.

Breach Notification

Within 2-business days of discovery, we will report any security breach to the controller of the data (the school or organization). "Security breach" means any unauthorized access, use, or disclosure of confidential information. A security breach does not include: (a) "pings" on a system firewall; (b) port scans; (c) security scans; (d) attempts to log on to information systems with an invalid password or user name; (e) denial-of-service attacks; (f) malware that does not result in unauthorized access, use, or disclosure of confidential information. SchoolAdmin may delay notification if advised to do so by law enforcement agencies or to ascertain the scope of the breach.

Internal Controls

Software Development Lifecycle

SchoolAdmin maintains a defined Software Development Lifecycle that contains the following:

  • Traceable change management from requirements through deployment

  • Segmentation of roles and separation of duties

  • Automated checks for policy compliance

  • Extensive automated quality testing

  • Multi-step human reviews on all changes

  • Controls on the deployment of software to production servers

Internal Controls

SchoolAdmin maintains enforced and audited policies regarding access controls and device management, including but limited to:

  • NIST standard password management

  • Multi-factor authentication

  • Full disk encryption on all devices

  • Limits on systems access with regular audits

  • Tracking with remote lock and wipe capabilities on laptops

  • Restriction and monitoring of physical access to company facilities

Redundancy and Disaster Recovery

SchoolAdmin servers use the latest in redundant data storage components which allow for multiple equipment failures without loss of data. In some cases, entire servers are maintained as back-up to the primary servers.

Database Servers

SchoolAdmin’s database servers are configured with primary and secondary server tiers for redundancy.

Database Back-up

In addition to maintaining secondary database servers with real-time redundancy, SchoolAdmin takes automated database backups and store those separately.  Backups are stored in multiple geographic locations.  Thus, even in the event of total destruction of a SchoolAdmin data center, full back-up copies of all customer data are available.  Database backups are always encrypted "at rest" and in-transit.  SchoolAdmin maintains back-ups for 90 days.

Disaster Recovery

SchoolAdmin maintains a disaster recovery plan which outlines the steps required in order to reconstruct the SchoolAdmin system in the event of system failure.

Data Center Management

Data Center Locations

SchoolAdmin hosts production environments for schooladminonline.com and schooladmin.one in a cloud environment operated by Amazon AWS infrastructure services, with primary servers located in Virginia.

SchoolAdmin hosts production environments for the schooladmin.ca domain in a cloud environment located operated by Amazon AWS infrastructure services, with servers located in Québec.

School data is not transferred across country borders from the primary hosting location (for example, Canada data stays in Canada).

Power / Network Uptime

Amazon AWS provides SLAs of 99.99% uptime network and power for cloud computing customers. This SLA is based on multiple redundant networks providing access to their data centers from different network providers.

Physical Security

Amazon AWS relies on several layers of data security to protect physical assets like servers. Access to Amazon AWS data centers is limited to Amazon AWS data center technicians, who in addition to traditional identification measures, are identified using biometric scanning. Every data center is monitored via security cameras and has 24x7 onsite staff to guard against unauthorized entry. Amazon AWS uses an independent firm to audit physical security procedures.

Additional information

https://aws.amazon.com/compliance/

https://aws.amazon.com/compliance/pipeda/

https://aws.amazon.com/security/