We take the responsibility of managing your data seriously and are proud to exceed the industry standard when it comes to protecting your organisation's data
All data transferred between the client and Boardingware is encrypted using industry standard TLS (Transport Layer Security). Any non-secure requests are automatically redirected to the secure port. Data is also encrypted while at rest when stored on our servers.
Our servers are located within enterprise-grade hosting facilities that employ robust physical security controls. These controls include 24/7/365 monitoring and surveillance, on-site security staff and regular ongoing security audits.
We take a "defense in depth" approach to protecting our system and customer data. Multiple layers of security controls, including security group firewalls, routers and Access Control Lists are implemented according to industry best practice and AWS recommendations. We also leverage the expertise of certified cloud consultants to review our system regularly
Boardingware automatically backs up all of your data every 24 hours. So if an unlikely event occurs, we can recover your data and keep your school running.
Boardingware operates 11 availability zones within 3 geographic regions around the world. Schools can choose to save their data in any one of these three regions. This can help schools to comply with each of their countries data sovereignty regulations which may discourage them from storing data outside their country or economic zone.
All client access into Boardingware requires authentication through username and password, with access being revoked after a preset timeout.
In Boardingware, you can restrict access and permissions for different users to protect the privacy of your students. You can also end all sessions, suspend and delete users from the admin console.
Boardingware boasts a consistent availability above 99.95% over the last 12 months. Customer data is 100% backed up to multiple online replicas with additional snapshots and other backups.
Boardingware's incident response program is responsive and repeatable. Incident process flows and investigation data sources are pre-defined during recurring preparation activities and exercises are refined through investigation follow-ups. We use standard incident response process structures to ensure that the right steps are taken at the right time.
Schools can choose to save their data in any one of these three regions. All data relating to the school, including data generated from users accessing the service elsewhere in the world will be stored in the school’s chosen geographical region. This can help schools comply with each of their countries data sovereignty regulations which may discourage them from storing data outside their country or economic zone.
If you think you may have found a security vulnerability within Boardingware, please get in touch with our security team.
Read more about our Information Security Practices, Privacy Policy, Terms of Use and GDPR Policy