secure

SECURITY & PRIVACY

The Engageli platform was developed by security experts, including tenured Stanford Computer Science professors, co-founders of Decru, a storage security company acquired by NetApp, and former officers in the elite military intelligence unit of the Israel Defense Forces (IDF). 

We have a complete HECVAT, a questionnaire framework specifically designed for higher education to measure vendor risk that can be furnished upon request. 

It is our goal to ensure the protection of all of your data by implementing industry best practices.

s1
State-of-the-Art Encryption

All data is transmitted over secure HTTPS using TLS 1.2. This is the same data transmission encryption used by banks and other financial institutions. Data is encrypted at rest using 256-bit AES - for maximum protection.

s2
Student Privacy First

Students are never recorded in a typical class, unless they raise a question. They can also ask and answer questions anonymously if they choose to.

Strict system-wide permission controls ensure that data access is restricted and strictly limited to authorized individuals only.

 

s3
Secure, Reliable Data Centers

Data is stored in a secure, offsite cloud infrastructure that is SOC2/3 compliant. This data center is monitored 24/7 and access is strictly controlled to authorized individuals only. Data backups are held in multiple secure locations to ensure redundancy and availability.

 

s4
Proactive Threat Scanning

Our team is constantly evaluating security aspects across the entire organization. Audit trails are logged and reviewed to detect any anomalous behavior, as early as possible.

 

s5
Best Practices 

We review our security and follow industry best practices, as well as conduct regular monitoring in our hosted data centers.

Institution accounts are separated and protected in production from internal systems, such as development and test instances. It also lets us apply strict access controls and auditing.

s6
Access

Any access to the system, including playing or publishing video/audio streams requires authorization from our backend servers. Publishing and playing authorizations are separate, to increase user flexibility.

For example, it will be possible to authorize a visiting student to listen to or view a class without the ability to send anything to the instructor or other students.