Ensuring the security and confidentiality of our customers’ data is the first priority at ConexED. Our system encompasses and represents the security, compliance, and privacy controls and features that protect our customers’ most sensitive data.
The Family Educational Rights and Privacy Act (FERPA) is a federal law that affords parents the right to have access to their children’s education records, the right to seek to have the records amended, and the right to have some control over the disclosure of personally identifiable information from the education records. When a student turns 18 years old, or enters a postsecondary institution at any age, the rights under FERPA transfer from the parents to the student. ConexED protects those rights.
ConexED takes student information protection very seriously. No one will have access to, nor will any information be disclosed from, a student educational record without the written consent of the student. The only exceptions: “school official with legitimate educational interests,” to authorized representatives of the federal and state governments for audit and evaluation of federal and state supported programs, or other provisions outlined by the FERPA document.
ConexED encrypts and secures all files hosted on Amazon Web Services’ (AWS) S3 Service. All ConexED server certificates are signed by a recognized Certificate authority (DigiCert) and use 256-bit SSL encryption for all web communication. All
communication amongst the database, application, and authentication servers is also conducted via secure connections.
Furthermore, ConexED ensures proper role types are assigned to faculty/staff with corresponding access to prevent any private information or messages to be shared.
ConexED is 100% committed to creating the most accessible video meeting software for education. Our voice-to-text functions allow all participants options on audio announcements and real-time closed captioning. Our software is specifically designed to work with all the major screen readers, offers closed captioning that can be edited in real-time, a text-to-speech function, and keyboard shortcuts that follow standard logical sequencing.
Because we are education specialists, our software is designed with accessibility in mind. We make resolution of accessibility issues our highest development priority. We will respond issues discovered or reported by users within one business day with a written action plan and timeframe to resolve the issues. We test thoroughly for accessibility before anything is released.
ConexED can be navigated without a mouse. By using the tab key to choose various buttons and hitting enter. Not only can you use the tab key to tab through the buttons manually, there is also a keyboard shortcuts button that when activated through clicking or hitting the enter button, will display a full range of key combinations that you can use to navigate the cafe and make your interactions faster.
HIPPA and Data
All of ConexED products are hosted and provided via the Amazon Web Services platform. No data hosted within the United States ever crosses international borders. At no time are international and national data co-mingled, including student health records or history.
Meeting archive data (videos, audio and chat text) are stored as encrypted files on Amazon’s S3 servers using 256-bit Advanced Encryption Standard (AES-256). All meeting archive data is created and transferred to the S3 servers using SSL within a secure Virtual Private Cloud within the Amazon cloud. All web services, REST APIs and database applications are hosted via HTTPS. ConexED SSL configuration has an A rating from Qualy SSL Labs.
User data is stored on Amazon’s RDS (Relational Database Service). Connections to the RDS from our web app are over SSL and are on a private subnet. Remote connections to the DB outside of the VPC are impossible without access to the bastion server via SSL and a private key. Only ConexED’s CTO (Michael Gorham) has access to said private key which is rotated on a monthly basis. The bastion server is fire-walled with only TCP port 22 open which is normally turned off as connections directly to the DB are rarely needed.