World Class Cloud Security
Our robust secure cloud computing and storage infrastructure is based in Sydney and powered by Amazon Web Services (AWS). Security in the cloud is recognised as better than on-premises. Broad security certification and accreditation, data encryption at rest and in-transit, hardware security modules and strong physical security all contribute to a more secure way to manage Birch Learning Platform.
Encryption & Protection
Each client has their own private database with its own set of access credentials. These databases are encrypted at rest using symmetric key encryption. The connection from the application to the database is encrypted using an AES-256 SSL with a policy set to only operate using TLS 1.2. Secure connections are enforced by HSTS (RFC 6797).
Using AWS Shield Standard with Amazon CloudFront and Amazon Route 53, our clients receive comprehensive availability protection against all known infrastructure (Layer 3 and 4) attacks.
Authentication
Birch Learning Platform allows users to access via the following methods: Single sign on via SAML2, Single sign on via OAUTH2, Local form (requires username and password)
Birch provides different levels of access for users covering learner, manager and differing levels of administrators. Learner self-creation form is protected by reCAPTCHA that enables web hosts to distinguish between human and automated access to Birch.
AWS provides many services and support features that allow the Birch support team to deliver a high performing and secure platform to clients. Starting with the use of multi-factor authentication on administrative accounts to private credentials with granular permission sets for resources.
Resilient Platform
Birch is hosted in the highly secure AWS environment. It provides a means for deploying servers, load balancers, auto-scaling groups, and more for an environment.
Using these pieces, it allows B Online Leaning to perform 0 downtime upgrades as well as the ability to add compute resources during peak load to keep the system performant. Birch has system operation time of 99.95%
Our team on a regular basis or prior to a significant release will conduct vulnerability checks using a specialised application that provides coverage of over 100 generic vulnerabilities such as SQL injection and cross-site scripting, with exceptional performance against all vulnerabilities in the OWASP top 10.
In addition, B Online Learning engage a third-party organisation to perform annual Penetration Testing.
Rigorous Internal Processes
B Online Learning follow a secure SDLC and an Agile methodology. Starting with the coding and following web development best practices, the process goes through multiple layers of tests during each iteration. Starting with sound coding practices, B Online Learning also leverages unit tests, an intelligent CI build tool, automatic testing (application scanning), and manual review.
Birch is used for our employees for tracking participation in the security awareness program on an annual basis or when new employees start as part of the onboarding process. To manage Security and Compliance management, our team uses AWS Foundational Security Best Practices v1.0.0.
B Online Learning’s quality management system includes internal policies and procedures that complies with the ISO27001 certification for information security management. These are reviewed annually by the team and partners.
Whatever learning you do, you can do it with Birch
Get in touch today to find out how easy it is to get started.