Trusted for learner data
At ETU, trust is integral to everything we do. To protect and keep our customer’s data secure, we deploy industry-leading processes and continuously monitor our systems, so our clients can rest assured knowing their data is protected 24/7.
Quality processes
ETU’s quality policy is a documented commitment to exceeding customers' expectations through teamwork, continuous improvement, and innovation by focusing on quality in everything we do throughout the organization. The policies ensure that ETU:
- Complies with data protection legislation and follows good practice
- Protects the rights of employees, customers, and partners
- Is transparent in terms of how it stores and processes individuals’ and businesses’ data
- Addresses information security and privacy
ISO certification
ETU is independently certified for ISO 9001 Quality Management, ISO 27001 Information Security Management, and ISO 27701 Data Privacy extension. Having all three certifications is a testament to our industry leadership in privacy and security practices. It also demonstrates ETU’s continued commitment to excellence in process improvement.
ISO 9001 Quality Management |
||
ISO 27001 Information Security Management |
||
ISO 27701 Data Privacy Extension |
Data security
Our top priority is keeping our customers' data safe and secure. We only collect vital data and limit access to data using industry-leading security standards. We employ rigorous security measures at the organizational, architectural, and operational levels to ensure your data, applications, and infrastructure remain safe.
All data at rest is stored on encrypted volumes using encryption keys managed by ETU. Volume encryption keys and machines that generate volume encryption keys are protected from unauthorized access. All client-server communications use encrypted/secured channels over HTTPS and SSL. The infrastructure uses AI and Machine Learning to detect anomalies in access and network traffic and prevent unauthorized access. Any anomalies detected are immediately raised, which activates investigation and remediation processes.
The ETU platform leverages Cloud infrastructure capabilities and security solutions to protect mission-critical systems, including fully redundant subsystems and compartmentalized security zones.
ETU has implemented best-practice enterprise software development processes to help ensure the continued security of the platform. This program includes an in-depth security risk assessment and review of platform features. The development process is further enhanced by application security training for developers and third-party application penetration testing.
Data privacy
ETU is committed to protecting the privacy of our customers’ data and helping our customers meet their privacy obligations. We also provide our customers with the necessary resources and information to help them understand and validate their organization's privacy and compliance requirements.
ETU provisions a Secure Virtual Private Cloud as standard for each client, with segmented data only accessible to customer-authorized users. The use of separate databases ensures there is no co-mingling of customer data. Customers can also specify the geographical region where the data is held.
ETU periodically reviews its current practices, policies, and guidance to recommend any changes or improvements to ensure we apply appropriate security measures and comply with GDPR, Personal Data protection and local regulations.