Security at TEACH
We take data security and privacy very seriously. Our approach ensures your data and private information is safe.
Data Security
Data in Transit: Every piece of data exchanged between your browser and TEACH is secured. TEACH uses the TLS v1.3 protocol.
Data at Rest: We store your data with AES-256 key encryption. This ensures your data’s security in our data storage.
Data Center Provider: TEACH trusts platform.sh to host our core servers and related database services.
Data Center Location: Our main application runs in AWS's U.S. East (Ohio) region.
Backups: Regular backups of TEACH’s operational systems ensure data integrity. These backups undergo routine checks for reliability.
Service Status: Stay informed about our service's health and any ongoing incidents at status.teach.org.
Application Security
Role-Based Access: TEACH’s system access is determined by role-specific needs. We strictly adhere to the principle of least privilege.
Code Review & Testing: Every application update undergoes meticulous peer scrutiny and testing.
Separated Environments: We separate our testing, development and production environments to ensure data safety.
Release Notes: We offer public-facing release notes for users to review major updates and improvements to the site experience. Learn more at our dedicated Release Notes page.
Penetration Tests: Third-party experts routinely challenge our system's defenses, helping identify and rectify potential weak spots.
Routine Scans: TEACH uses continuous third-party tools to scan and monitor our software and infrastructure, flagging potential security threats.
Staff Security
Dedicated Experts: Our specialized security team enforces best practices and swiftly addresses security events.
Updated Policies: TEACH transparently communicates evolving security policies to our staff, keeping us all on the same page.
Ongoing Training: TEACH emphasizes continual security training for all staff to ensure awareness of the latest security threats.
Background Checks: We conduct background checks for every potential team member as part of our hiring process.
New Hire Orientation: On day one, every new TEACH staff member acknowledges and signs our information security and confidentiality policies.
As part of our commitment to transparency, integrity and ethical conduct, TEACH empowers employees and stakeholders to confidentially report any concerns related to code of ethics violations, suspected fraud, discrimination complaints or potential breaches of law or regulations.
To submit an anonymous whistleblower response, please use our Whistleblower Submission Form.
Information Security
SOC 2: TEACH is actively undergoing a SOC 2 audit, underscoring our commitment to top-tier data security and transparency. We value your trust and will keep you updated on our progress. You can email if you have any questions.
Your privacy and trust matter to us, and we’re here to ensure your privacy preferences are respected. As part of our commitment to transparency and compliance with data protection regulations, you have the right to exercise your data subject rights, including data deletion, modification to your data, requesting a complete inventory of your data, etc.
To submit a privacy request, please visit our Support Page, where you'll find a dedicated form for this purpose. We encourage you to read our Privacy Policy for details on how we handle and protect your data.