LearningGrids Security Information
LearningGrids is a learning environment that includes online folders for both teachers and students. Schools and Colleges may have their own LearningGrids site. Any type of file with the exception of exe files can be stored within the online folders.
WriteOnline is an online word processor designed for education. WriteOnline users are able to save WriteOnline files to their online folders. These are the same folders they access through LearningGrids.
This document details the security and privacy measures that have been implemented to protect these online folders.
Within an organization's LearningGrids site, the organization's Site Manager can decide on what terminology to use for their site. The Site Manager can choose different terms for the following:
In this document we have used the terms listed above. The terms may vary if the Site Manager chooses different terminology.
For example, they may want to use 'College' instead of 'School' and 'Tutor' instead of 'Teacher'.
Access to folders is controlled by individual login. Both teachers and students need to log in using either their username or their email address,
plus their own personal password.
When the school LearningGrids site is set up, the school must nominate a Site Manager. In order to perform his or her role,
the Site Manager has complete access to everything on the site. Only the Site Manager can add teachers and students to the site.
All teachers have access to:
- Their own private folders
- The folders of all the students
- The 'school folders' i.e. folders that are shared with other teachers in the school
- Setting of tasks to students, and communicating with students via comments on the tasks
Students can only access their own private folders and tasks.
Authentication is achieved via an SSL certificate using https. This is an industry standard method of encrypting data that is transmitted over the Internet.
This method is used by banks and ecommerce sites.
Our servers have a high speed, uncontended internet connection via fibre-optic cable that is close to the main internet backbone.
There is a high level of resilience in the connectivity between the servers and the main backbone.
Our servers are protected against power failure by several Uninterrupted Power Supply devices.
The site and servers are fully redundant where if one should fail another takes over.
The WriteOnline application is served via a super high speed 24/7 Content Delivery Network with points of presence around the world.
Our firewall is regularly updated with the latest firmware, and Internet traffic is regularly monitored for evidence of attempted hacking.
Data is stored in a secure environment protected by continuously monitored security cameras and continuously monitored alarms.
The data from each server is continuously mirrored to another server. If one server fails, another automatically takes over.
In addition, the data is backed up to tape every two days. One backup tape is securely stored offsite every week.
All Uploaded files pass through a virus checker.
Access to data by Crick Software personnel
Personnel are only able to access data that is necessary for their role. A minimum number of staff have sufficient access for them to:
- Set up and maintain user access to the online folders
- Give technical support to customers
Access by personnel to the data is by individual login and is only possible from within the Crick Software headquarters in Northampton.
Data Protection Act
Crick Software is registered under the Data Protection Act.