Here's why SchoolBlocks maintains the highest level of security possible.

Through the use of GAFE/O365 as our host of all account information, SchoolBlocks intentionally avoids storing all usernames and passwords. It causes our system to achieve the highest possible level of security, while removing a significant amount of complexity.

SchoolBlocks leverages OAuth
OAuth is a modern method of authentication and authorization specifically designed to handle Internet and Cloud based environments and the extended network. Using OAuth (as implemented by known providers such as Google) and unified APIs (such as the Google and Microsoft 365 API) to collectively bring applications together through a single access point provides a more resilient, secure system with an extra layer of student data protection. Furthermore, this eliminates dependence on your vendor's proper knowledge of web security and data protection.

Since Google and Microsoft provide access to your Organization Units and Groups found within your local Active Directory, you have the opportunity to limit the number of vendors who access your core data.

Why your student data may be at risk with alternative solutions.

If you can answer 'YES' to any of the following questions, than we urge you to review your protection methods of student and other essential data.

  • Factor 1: Does the service allow a user to enter a username and password?
  • Factor 2: Does the service require the installation of a utility on your servers to move data to its platform?
  • Factor 3: Are you able to reset passwords or enable/diable accounts from within the service's administrative interface?

The above are just a few of the paradigms that can cause your data to be compromised. While some trust of your vendor is required, it's not as necessary as you might assume. Afterall, if credit card companies and banks can be hacked, a healthy dose of protectionism when working with a small technology company. The following are important security topics of which to be informed. Below is a link to learn more.

  • Factor 1: Account decay
  • Factor 2: Firewall management
  • Factor 3: Vendor risk
  • Factor 4: Lack of multi-factor Authentication
  • Factor 5: Resilience

Click here to learn why other web hosts are not offering appropriate levels of security.