SkillsOS is built with security and compliance at its core. We understand the unique requirements of higher education institutions and are committed to protecting student data and institutional information.
We maintain rigorous compliance standards to meet the regulatory requirements of educational institutions.
Full compliance with the Family Educational Rights and Privacy Act, ensuring protection of student education records.
Independent audit verification of our security controls, availability, processing integrity, and confidentiality.
Ready to handle data from EU students and staff with full GDPR compliance for international institutions.
Completed Higher Education Community Vendor Assessment Toolkit for streamlined procurement processes.
Web Content Accessibility Guidelines compliance ensuring our platform is accessible to all users.
California Consumer Privacy Act compliance for institutions with California-based students and staff.
Enterprise-grade security measures to protect your institution's data at every level.
All data is encrypted using AES-256 encryption when stored in our databases.
TLS 1.3 encryption for all data transmitted between your browser and our servers.
Daily encrypted backups with point-in-time recovery and geographic redundancy.
We only collect and retain data necessary for platform functionality.
Granular permissions ensure users only access data relevant to their role.
Optional MFA support for enhanced account security.
Integration with your institution's identity provider (SAML 2.0, OAuth 2.0).
Automatic session timeout and secure session handling.
Hosted on enterprise-grade cloud infrastructure with SOC 2 certification.
Advanced DDoS mitigation to ensure platform availability.
WAF protection against common web vulnerabilities and attacks.
Enterprise service level agreement with guaranteed availability.
Continuous security monitoring and anomaly detection.
Documented incident response procedures with defined SLAs.
Regular third-party penetration testing and vulnerability assessments.
Comprehensive audit trails for all system activities.
Access our security documentation and compliance materials for your procurement and review processes.
Security Whitepaper
Comprehensive overview of our security architecture and practices
Privacy Policy
How we collect, use, and protect your data
Terms of Service
Our service agreement and usage terms
Data Processing Agreement (DPA)
Standard contractual clauses for data processing
HECVAT Lite Responses
Pre-completed HECVAT questionnaire for procurement
Subprocessor List
List of third-party services that process data
Our security team is available to answer your questions, provide additional documentation, or schedule a security review call.