Building on its industry-leading cybersecurity practices, including free SSO and partner security reviews
D2L, a global learning technology compan shared progress toward The U.S. Cybersecurity and Infrastructure Security Agency (CISA)’s voluntary pledge for K-12 Education Technology software manufacturers as well as additional commitments that D2L CEO John Baker announced at a related White House forum hosted by First Lady Jill Biden. In September 2023, D2L was among the first in the sector to sign this voluntary pledge in its commitment to reduce cybersecurity burdens on schools and teachers and help them focus on their core mission of teaching and learning.
Read More:Â CIO Influence Interview with Chris Lubasch, Chief Data Officer & RVP DACH at Snowplow
Cybersecurity Business Leader:Â Stephen Laster
In accordance with Principle 3 of the K-12 Education Technology Secure by Design Pledge, Stephen Laster, President at D2L, is serving as D2L’s senior cybersecurity business leader to help bring further accountability for cybersecurity to the most senior levels of D2L. Stephen is responsible for managing the ongoing process of integrating security as a core function of the business alongside D2L’s longstanding Chief Technology Officer and Chief Information Security Officer Nick Oddson, including the development and implementation of D2L’s upcoming Secure by Design roadmap.
Free SSO for Customers
As of March 2023, D2L offers Security Assertion Markup Language (SAML)-based Single Sign On (SSO) to all customers at no extra charge, to help reduce password-based cyber-attacks. Customers can find details on how to configure and manage their SSO on the Brightspace Community.
Security Audit Log AssistanceÂ
D2L assists customers at no additional charge in responding to security questions and incidents including with regard to product and server log analysis for response to security/penetration testing, compromised user accounts, email phishing and vulnerabilities. In exceptional circumstances, fees may apply to limit cases of extraordinary scope.
Read More:Â CIO Influence Interview with Chris Lubasch, Chief Data Officer & RVP DACH at Snowplow
Reduce the School Burden of Vetting Third-Party Tools
D2L is helping to reduce the burden for school IT departments that are responsible for reviewing numerous third-party tools and applications. While this type of review is already a standard practice for D2L, the new “D2L Security Reviewed” badge on the D2L Partner Integration Hub helps signify which third-party partners have demonstrated their commitment to information security. These partners have been confirmed by D2L experts to satisfy the following standards:
- Undergone a comprehensive information security review, including submitting a SOC2 Type 2 third-party report or its equivalent
- Completed an AI impact assessment (if relevant) that is reviewed by D2L’s internal AI working group
“An ever-evolving threat landscape requires us to be vigilant and adaptable to help keep learning safe and secure. I’m honored to be named D2L’s new cybersecurity leader to see that we can meet, and continue to build upon our continued commitments to, cybersecurity and in the K-12 Secure by Design Pledge,” said Stephen Laster, President of D2L. “For years, we’ve worked closely with customers to implement strong privacy and security controls, and we will continue to adapt to ongoing threats and new advances in this field.”
D2L’s industry-leading privacy and security controls include encryption by default, key security certifications, and other layered protections. D2L regularly achieves updated 3rd party verified certifications, including:Â ISO 27001, ISO 27017, and ISO 27018. D2L also recently achieved TX Ramp Provisional security certifications and privacy certification ISO 27701.
Read More:Â CIO Influence Interview with Rich Nanda, Principal at Deloitte
[To participate in our interview series, please write to us at sghosh@martechseries.com]
