Skip to main content
Toronto |

D2L Advances K-12 ‘Secure by Design’ Pledge Commitments

Building on its industry-leading cybersecurity practices, including free SSO and partner security reviews

Press Release

D2L, a global learning technology company, today shared progress toward The U.S. Cybersecurity and Infrastructure Security Agency (CISA)’s voluntary pledge for K-12 Education Technology software manufacturers as well as additional commitments that D2L CEO John Baker announced at a related White House forum hosted by First Lady Jill Biden. In September 2023, D2L was among the first in the sector to sign this voluntary pledge in its commitment to reduce cybersecurity burdens on schools and teachers and help them focus on their core mission of teaching and learning. 

Cybersecurity Business Leader: Stephen Laster 

In accordance with Principle 3 of the K-12 Education Technology Secure by Design Pledge, Stephen Laster, President at D2L, is serving as D2L’s senior cybersecurity business leader to help bring further accountability for cybersecurity to the most senior levels of D2L. Stephen is responsible for managing the ongoing process of integrating security as a core function of the business alongside D2L’s longstanding Chief Technology Officer and Chief Information Security Officer Nick Oddson, including the development and implementation of D2L’s upcoming Secure by Design roadmap. 

Free SSO for Customers 

As of March 2023, D2L offers Security Assertion Markup Language (SAML)-based Single Sign On (SSO) to all customers at no extra charge, to help reduce password-based cyber-attacks. Customers can find details on how to configure and manage their SSO on the Brightspace Community

Security Audit Log Assistance  

D2L assists customers at no additional charge in responding to security questions and incidents including with regard to product and server log analysis for response to security/penetration testing, compromised user accounts, email phishing and vulnerabilities. In exceptional circumstances, fees may apply to limit cases of extraordinary scope. 

Reduce the School Burden of Vetting Third-Party Tools 

D2L is helping to reduce the burden for school IT departments that are responsible for reviewing numerous third-party tools and applications. While this type of review is already a standard practice for D2L, the new “D2L Security Reviewed” badge on the D2L Partner Integration Hub helps signify which third-party partners have demonstrated their commitment to information security. These partners have been confirmed by D2L experts to satisfy the following standards: 

  • Undergone a comprehensive information security review, including submitting a SOC2 Type 2 third-party report or its equivalent 
  • Completed an AI impact assessment (if relevant) that is reviewed by D2L’s internal AI working group 

“An ever-evolving threat landscape requires us to be vigilant and adaptable to help keep learning safe and secure. I’m honored to be named D2L’s new cybersecurity leader to see that we can meet, and continue to build upon our continued commitments to, cybersecurity and in the K-12 Secure by Design Pledge,” said Stephen Laster, President of D2L. “For years, we’ve worked closely with customers to implement strong privacy and security controls, and we will continue to adapt to ongoing threats and new advances in this field.”  

D2L’s industry-leading privacy and security controls include encryption by default, key security certifications, and other layered protections. D2L regularly achieves updated 3rd party verified certifications, including: ISO 27001, ISO 27017, and ISO 27018. D2L also recently achieved TX Ramp Provisional security certifications and privacy certification ISO 27701. 

In the coming months, D2L will strive to make additional updates to meet the cybersecurity goals outlined in the pledge and beyond. Learn more about D2L’s commitments to cybersecurity here.

About D2L

D2L is transforming the way the world learns—helping learners of all ages achieve more than they dreamed possible. Working closely with clients all over the world, D2L is supporting millions of people learning online and in person. Our growing global workforce is dedicated to making the best learning products to leave the world better than they found it. Learn more about D2L for K-12, higher education and businesses at www.D2L.com

D2L Media Contact

Colin Horgan
‪Executive Communications Director
[email protected]
Twitter: @D2L

© 2024 D2L Corporation.

The D2L family of companies includes D2L Inc., D2L Corporation, D2L Ltd, D2L Australia Pty Ltd, D2L Europe Ltd, D2L Asia Pte Ltd, D2L India Pvt Ltd, D2L Brasil Soluções de Tecnologia para Educação Ltda,D2L Sistemas de Aprendizaje Innovadores, S. D2 R.L de C.V, and H5P Group AS.

All D2L and H5P trademarks are owned by the D2L group of companies. Please visit D2L.com/trademarks for a list of D2L marks. All other trademarks are the property of their respective owners.

All other trademarks are the property of their respective owners.