We Take Security Seriously

• Dedicated Security Experts
  Our Chief Technology Officer, Taylor Basilio, leads our security efforts, ensuring our policies are always up-to-date and effective.
  

• Trained and Trusted Team
  Every Resonant Education employee and contractor undergoes thorough background checks and signs strict confidentiality agreements. They also receive annual security training to stay sharp on the latest protection methods. This includes FERPA training and certification.
  

• Secure Remote Work
  We have clear guidelines for working remotely, making sure all connections are secure and sensitive information isn't accidentally seen or heard by others.
  

• Careful Partner Selection
  We thoroughly vet all our partners to ensure they meet our high security and privacy standards before we ever work with them.
  

• Rigorous Data Handling
  We have strict rules for how we manage, transfer, store, and dispose of all private information. This includes classifying data, securely destroying old information, and complying with privacy laws like FERPA.
  

• Top-Tier Physical Security
  We use Google Cloud Platform (GCP) for our infrastructure, which means your data is housed in incredibly secure data centers with strict physical access controls, two-factor authentication, and constant monitoring.
  

• Built-in Security for Our Software
  Our development team follows secure coding practices from the very start, including design reviews, threat analysis, and automated testing to ensure our applications are secure by design.
  

• Advanced Data Protection
  We use industry-standard source control with two-factor authentication, carefully review all our code, and have a strong system in place to quickly handle any security incidents.
  

• Comprehensive Data Management
  We keep point-in-time backups of our databases and store full backups indefinitely. All your data, when it's not being actively used, is encrypted with advanced encryption (AES256).
  

• Fortified Network Security
  Our network is constantly monitored, with access controls, firewalls, and IP-restricted access to ensure only authorized individuals can reach our systems. We also use secure connections (HTTPS/SSL) for all communication.Strong Account Security: We follow industry best practices for managing user accounts, including robust password policies, secure password scrambling, and automatic de-provisioning of accounts for former employees.
  

• Continuous Threat Detection
  We use Google Security Command Center for ongoing vulnerability scanning and conduct annual penetration testing by independent experts to find and fix any potential weaknesses. Our platform is also continuously monitored for network security, DNS health, and more.
  

• Third-party Audits
  Resonant Education works with security vendors to maintain SOC2 compliance and annual penetration testing.
  

• Regular Review
  All systems are regularly scanned and patched to address vulnerabilities. Employees also undergo regular security training.
  
  

In-Depth on Encryption and Logging

• Encryption
  We protect your data both as it moves and when it's stored. When you connect to us, your information is encrypted with HTTPS/SSL, scrambling it to prevent anyone from intercepting or tampering with it. For our internal development, even server access requires highly secure SSH keys. All your data, including backups, is encrypted by default using Google Cloud's robust encryption, specifically the Advanced Encryption Standard (AES) algorithm with AES256. This means your sensitive information is securely hidden when it's not in use.
  

• Logging
  We keep detailed records of all user actions within our systems for security and analysis. This includes information like IP addresses, permissions, login times, pages visited, actions taken, and time spent logged in. We also log all successful and failed attempts to log in, including the date, time, IP address, and username. This helps us quickly spot and address any unusual activity.