Security

Customers in more than 30 countries trust Learnifier with their data. This is not something we take lightly. We combine enterprise-class security features with comprehensive audits of our applications, systems, and networks to ensure customer and business data is always protected. And our customers rest easy knowing their information is safe, their interactions are secure, and their businesses are protected.

Data center and network security

We ensure the confidentiality and integrity of your data with industry best practices. Learnifier servers are hosted at Tier IV or III+, SSAE-16, PCI DSS, or ISO 27001 compliant facilities. Our Security Team is on call 24/7 to respond to security alerts and events.

Application Security

We take steps to securely develop and test against security threats to ensure the safety of our customer data. In addition, third-party security experts have performed detailed penetration tests on our customers' behalf.

Product security features

We make it seamless for customers to manage access and sharing policies with authentication and single sign-on (SSO) options. All communications with Learnifier servers are encrypted using industry standard HTTPS over public networks, meaning the traffic between you and Learnifier is secure.

Data center and network security

PHYSICAL SECURITY

Facilities

Learnifier servers are hosted at Tier IV or III+, SSAE-16, PCI DSS, or ISO 27001 compliant facilities. Our co-location servers are logically separated from other data center customers. Data center facilities are powered by redundant power, each with UPS and backup generators.

On-site Security

Our data center facilities feature a secured perimeter with multi-level security zones, 24/7 manned security, CCTV video surveillance, multifactor identification with biometric access control, physical locks, and security breach alarms.

Monitoring

All Production Network systems, networked devices, and circuits are constantly monitored and logically administered by Learnifier staff. Physical security, power, and internet connectivity beyond co-location cage doors or hosting services are monitored by the facilities providers.

Location

Learnifier leverages data centers in Europe. Learnifier also leverages communication infrastructure services located in Europe, USA and other countries.

NETWORK SECURITY

Dedicated Security Team

Our Security Team is on call 24/7 to respond to security alerts and events.

Protection

Our network is protected by redundant firewalls, best-in-class router technology, secure HTTPS transport over public networks, regular audits, and network Intrusion Detection and/or Prevention technologies (IDS/IPS) which monitor and/or block malicious traffic and network attacks.

Architecture

Our network security architecture consists of multiple security zones. More sensitive systems, like database servers, are protected in our most trusted zones. Other systems are housed in zones commensurate with their sensitivity, depending on function, information classification, and risk. Depending on the zone, additional security monitoring and access controls will apply. DMZs are utilized between the Internet, and internally between the different zones of trust.

Network Vulnerability Scanning

Network security scanning gives us deep insight for quick identification of out-of-compliance or potentially vulnerable systems.

Intrusion Detection and Prevention

Major application data flow ingress and egress points are monitored with Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS). The systems are configured to generate alerts when incidents and values exceed predetermined thresholds, and they use regularly updated signatures based on new threats. This includes 24/7 system monitoring.

Logical Access

Access to the Learnifier Production Network is restricted on an explicit need-to-know basis, utilizes least privilege, is frequently audited and monitored, and is controlled by our Operations Team. Employees accessing the Learnifier Production Network are required to use multiple factors of authentication.

Security Incident Response

In case of a system alert, events are escalated to our 24/7 teams providing Operations, Network Engineering, and Security coverage. Employees are trained on security incident response processes, including communication channels and escalation paths.

ENCRYPTION

Encryption in Transit

Communications between you and Learnifier are encrypted via industry best-practices HTTPS and Transport Layer Security (TLS) over public networks. TLS is also supported for encryption of emails.

Encryption at Rest

All customers of Learnifier benefit from the protections of encryption at rest for offsite storage of full daily backups. Databases containing sensitive information are also encrypted at rest.

AVAILABILITY & CONTINUITY

Redundancy

Learnifier employs service clustering and network redundancies to eliminate single points of failure. Our strict backup regime ensures Service Data is actively replicated across DR systems and facilities.

Disaster Recovery

Our Disaster Recovery (DR) program ensures that our services remain available or are easily recoverable in the case of a disaster. This is accomplished through building a robust technical environment, creating Disaster Recovery plans, and testing.

Application security

SECURE DEVELOPMENT (SDLC)

Security Training

At least annually, engineers participate in secure code training covering OWASP Top 10 security flaws and common attack vectors.

Separate Environments

Testing and staging environments are separated physically and logically from the Production environment. No actual Service Data is used in the development or test environments.

Product security features

AUTHENTICATION SECURITY

Authentication Options

We offer a Learnifier sign-in solution. You may also enable SSO using SAML or log in using Facebook, Google or LinkedIn.

Single sign-on (SSO)

Single sign-on (SSO) allows you to authenticate users in your own systems without requiring them to enter additional login credentials for your Learnifier Support instance. We support Security Assertion Markup Language (SAML).

Secure Credential Storage

Learnifier follows secure credential storage best practices by never storing passwords in human-readable format, and only as the result of a secure, salted, one-way hash.

API Security & Authentication

The Learnifier API is SSL-only, and you must have permissions to get authorization tokens to be able to make requests.

ADDITIONAL PRODUCT SECURITY FEATURES

Access Privileges & Roles

Access to data within Learnifier is governed by access rights, and can be configured to define granular access privileges. Learnifier has various permission levels for users (back office admin, client admin, trainer, end user, etc.).

Transmission Security

All communications with Learnifier servers are encrypted using industry standard HTTPS over public networks. This ensures that all traffic between you and Learnifier is secure during transit. Additionally, for email, we support Transport Layer Security (TLS), a protocol that encrypts and delivers email securely, mitigating eavesdropping and spoofing between mail servers, assuming that the receiving end supports it.

Email Signing (DKIM)

Learnifier offers DKIM (DomainKeys Identified Mail) for signing outbound emails from Learnifier. Using an email service that supports these features allows you to stop email spoofing.

Additional security methodologies

SECURITY AWARENESS

Policies

Learnifier has developed a comprehensive set of security policies covering a range of topics. These policies are shared with, and made available to, all employees and contractors with access to Learnifier information assets.

Training


EMPLOYEE VETTING

Background Checks

Learnifier performs background checks on all new employees in accordance with local laws. These checks are also required to be completed for contractors. The background check includes criminal, education, and employment verification.

Confidentiality Agreements

All new hires are screened through the hiring process and required to sign Non-Disclosure and Confidentiality agreements.
