Proctorio’s Data Security Methodology Confirmed by Leading Information Security Company

A leading information security consulting company, has completed a comprehensive Security Assessment of Proctorio’s approach to data security

A leading information security consulting company, has completed a comprehensive Security Assessment of Proctorio’s approach to data security.

After a month-long engagement conducted from June 24 to July 24, 2020, White Oak Security, Inc. has conclusively found that Proctorio’s downloadable Browser Extension appropriately implements Zero-Knowledge Encryption, meaning that Proctorio never possesses the encryption keys for the audio or video that is stored. Zero-Knowledge Encryption guarantees that no one outside of approved institution representatives, including Proctorio employees, ever has access to exam-related data.

Recommended AI News: Verizon and AWS Deliver Mobile Edge Computing to Customers in Boston and the Bay Area

White Oak Security also confirmed that the Browser Extension’s cryptographic functionality was implemented appropriately, signifying that Proctorio is “adequately hardened” to resist external tampering or intrusion. Finally, White Oak Security determined that video and audio for all exams are stored in the proper geographical regions in compliance with national/local data privacy laws.

“Since inception, Proctorio has put data security first,” says Mike Olsen, CEO and Founder of Proctorio. “Proctorio leads with transparency and the public release of White Oak Security’s Security Assessment results confirmed what we have known all along: Proctorio’s protection of test taker privacy is unparalleled in the remote proctoring industry.”

Proctorio puts the security of student users at top priority. In early June 2020, Proctorio alone was ruled to be GDPR compliant and privacy centric by the Amsterdam District Court, encouraging the University of Amsterdam’s (UvA) continued usage of Proctorio’s remote proctoring services despite student concerns regarding privacy.

Recommended AI News: Venatus Expands In-Game Advertising Offering With Frameplay

GDPR’s seven principles are: lawfulness, fairness, and transparency; purpose limitation; data minimization; accuracy; storage limitation; integrity and confidentiality; and accountability. In the case of security breaches that leak personal data, institutions are expected to communicate the incident with clients in a timely manner to ensure a quick escalation and resolution process.

With test takers in all but four countries around the world, Proctorio never requires the collection of biometric data or any personally identifiable information beyond what is already required to access each institution’s Learning Management System. Additionally, Proctorio conducts daily vulnerability and penetration tests to assess server strength against a potential attack. In seven years of providing remote proctoring services, Proctorio has maintained a 99.991% uptime with a collective total of eight minutes of downtime since 2013.

Proctorio is backed by Microsoft Azure data centers located in multiple international regions, allowing Proctorio to have the infrastructure necessary to be limitlessly scalable without users experiencing service interruptions or data loss. Proctorio has administered over 18 million exams since inception in 2013. Proctorio proctored 2.5 million exams in April 2020 alone, signifying a 900% year-over-year increase in the number of exams proctored from April 2019. Despite the remote learning challenges exacerbated by COVID-19, Proctorio remains firmly committed to upholding academic integrity without compromising test taker data to ensure that test takers around the world can rightfully and safely earn their degrees and certifications.

Recommended AI News: Tru Optik and SpotX Partnership Utilizes Advanced Data Targeting