D2L Security and Privacy

Nothing is more important than the security of your data.

Security Overview

At D2L, we take security and privacy very seriously. Our approach puts our client’s security and data confidentiality, availability and integrity first. Our process works, demonstrated by a track record of delivering reliable security to all of our clients and is continuously being improved.

More information

Environment Security

Good security starts with a strong foundation. D2L partners with Amazon Web Services to provide a highly secure, durable and available infrastructure for deploying our Brightspace platform. AWS is a global world leader in delivering IaaS (Infrastructure-as-a-Service) solutions and, like D2L, demonstrates their compliance through a myriad of security and compliance certifications. https://aws.amazon.com/compliance/

Find out more about our secure data centers >
Read about D2L’s security certifications >

Security Monitoring

D2L uses an industry leading Security Information and Event Management (SIEM) solution to collect, aggregate and correlate millions of system events a day across D2L’s infrastructure to provide monitoring teams with real time insight into potential security events.

Find out more about our security best practices >
Learn about our security policies >

LMS Security in the Brightspace Platform

Access & Authentication

The Brightspace platform supports Single Sign On (SSO) and integration with various authentication solutions including Active Directory, LDAP, Kerberos, CAS and SAML.

Secure Transmission

Client connection to the Brightspace platform is via TLS cryptographic protocols with RSA encryption, so client data is transferred securely.

Application Security

Code for the Brightspace application is developed and tested following principles set out in the Open Web Application Security Project (OWASP) Top Ten framework to help ensure Brightspace is a secure platform.

Backup and Recovery

System and client data are backed up on a regular basis using asynchronous encrypted data transfer to offsite storage to ensure that client services can be restored in the event of a disaster.

Found a bug? Please send the information to incident@d2l.com