At D2L, we have always taken security very seriously. Our approach puts our client’s security first. Our process works, demonstrated by a track record of delivering reliable security to all of our clients.
D2L hosted services are hosted in tier 3 or greater data centers giving clients best in class services. Our hosting providers undergo SSAE16 audits and maintain PCI Service Provider Level 1 compliance. Additionally, our own ISO 27001:2013 certification covers the security controls for the operations within our data centers.
Find out more about our secure data centers >
Read about D2L’s security certifications >
D2L uses an industry leading Security Information and Event Management (SIEM) solution to collect, aggregate and correlate millions of system events a day across D2L’s infrastructure to provide monitoring teams with real time insight into potential security events.
Find out more about our security best practices >
Learn about our security policies >
LMS Security in the Brightspace Platform
Access & Authentication
The Brightspace platform supports Single Sign On (SSO) and integration with various authentication solutions including Active Directory, LDAP, Kerberos, CAS and SAML/Shibboleth.
Client connection to the Brightspace platform is via TLS cryptographic protocols with RSA encryption, so client data is transferred securely.
Code for the Brightspace application is developed and tested following principles set out in the Open Web Application Security Project (OWASP) Top Ten framework to help ensure Brightspace is a secure platform.
Backup and Recovery
System and client data are backed up on a regular basis using asynchronous encrypted data transfer to offsite storage to ensure that client services can be restored quickly in the event of a disaster.