How Arbor keeps your data safe

Maddie Kilminster - 4 February, 2020

Category : Blog

How Arbor keeps your data safe

At Arbor, we take data security very seriously – it’s at the heart of what we do. We’re proud to go above and beyond the MIS industry standard when it comes to protecting school and MAT data. We’ve put together this short blog to explain what we do in a little more detail.    1)

At Arbor, we take data security very seriously – it’s at the heart of what we do. We’re proud to go above and beyond the MIS industry standard when it comes to protecting school and MAT data. We’ve put together this short blog to explain what we do in a little more detail. 

 

1) We have full data security accreditation

  • ISO 27001  –  We are accredited by the International Organisation for Standardisation (ISO) – an independent, non-governmental international organisation that ensures the quality and safety of software like Arbor around the world. We are accredited under ISO27001 – the international benchmark for data security

 

  • GDPR  –  We meet and exceed the requirements of GDPR, protecting the data we store with a comprehensive Information Security Management System. Arbor MIS gives you enterprise provisioning secure logins (e.g. via Google SSO and 2FA), allows you to retrieve all the data you need for Subject Access Requests (SAR), and helps you monitor and delete data through “out-of-the-box” data retention dashboards

 

  • Cyber Essentials  –  We are certified with Cyber Essentials and are audited annually. This means our IT systems are security approved by an accreditation body selected by the NCSC and we have technical defences in place against cyber threats

 

  • ICO  –  We are registered with the Information Commissioner’s Office (ICO) for data protection, the UK’s independent authority that upholds public information rights and controls organisations use of staff or customer data

 

2) Our digital security

  • Protected by the cloud  –  Your school data is stored on our central, cloud-based system, rather than any individual device, which means if there’s a security breach at your school your data is less likely to be lost or compromised. Your data is only accessible with a secure login and the system automatically logs out after a period of inactivity, meaning there’s less chance of it getting into the wrong hands

 

  • Only you can see your data  –  Our database uses bank-grade, end-to-end, 256bit SSL encryption for transmitting data, and AES-256 bit encryption for all stored data, which means only you can see your data. Student data is never shared with third parties without your schools’ consent

 

  • Analyse data securely  –  With our built-in BI analysis, you can go deep into the detail of your data within Arbor MIS. But if you do want to pull data out, you can download it as a file or as a secure “Live Feed” which can be password protected. You can keep central control access to this data and cut the link if necessary

 

  • Your data is secure because our data is secure  –  At Arbor HQ, our data is hosted by Amazon Web Services’ London data centre. Arbor is approved by the DfE list for cloud suppliers and registered on the UK government’s G-Cloud V11 framework, which audits the security of cloud-based providers

 

  • We lock down access to our databases to specific individuals, and only allow access through strict gateways requiring two-factor authentication login and public/private key identification. All logins to Arbor are logged and tracked, and strict policies are enforced which create alerts if breached. Staff passwords are also changed regularly and, since data is kept on our central system, permissions can easily be revoked if needed

 

3)  Our physical security 

The security of every Arbor office is maintained by formal security inspections and risk assessments. Access to our offices is restricted with secure keys, CCTV, 24/7 security personnel and secure perimeter doors.

 

Security top tips !

When protecting data at your school, it’s important that you follow data security best practice to make sure data does not fall into the wrong hands. Here are some key things you can keep in mind: 

security tips

 

If you’d like to find out more about how our simple, smart cloud-based MIS could help you transform the way your secondary school works, contact us