Connecting Steps has been on our hosted platform for over 6 years. In that time over 100,000 users have used our software, making it one of the most popular assessment tools on the market.
The advent of the General Data Protection Regulation has introduced legal obligations to companies that process data on behalf of Data Controllers amongst more stringent requirements to security. We can confirm we are ready for the changes that the GDPR
brings and that we have updated our terms and conditions and contracts in line with this. We have made a few changes to our procedures internally, namely around verifying that changes to the main system administrator (a super user account in the software)
can only be made by the head teacher.
To assist schools in their Data Protection Impact Assessment, we have provided a knowledge base of articles and FAQ's that cover all the information that schools may require from us which you can find here https://support.connectingsteps.com/category/361-gdpr-information.
We have built this from information requests we have received from schools so everyone may benefit from the answers so they can complete their own documentation swiftly and without issue. We are trying to be as transparent as we possibly can on how
we work as company so you can feel secure in the fact we are going above and beyond to protect your data. There are instances however where we will not be able to provide copies of our internal policies as these would represent a risk.
Centrally hosted software on the internet simplifies the experience not only for teaching staff, but also the school as a whole. Subscribing to our Cloud service means no data is stored within the school, and there is no need to install, manage or update
the software, easing pressure on schools’ ICT staff and computer networks. By hosting data centrally, there are also no data protection issues as data is not stored on laptops or mobile devices. The centrally hosted data is also more secure and reliable,
and all servers are monitored 24 hours a day, 7 days a week by B Squared staff.
But perhaps the most important benefit is that data cannot be lost. Since Connecting Steps software was first introduced, we have always taken disaster recovery seriously, advising schools to regularly back up their database and to have offsite backups.
We do not take chances. We monitor our servers 24 hours a day, 7 days a week, and 365 days a year. We use multiple hard disk arrays, with hard disks on standby, and data is copied to a backup server every 15 minutes, waiting to take over in the event
of failure. In terms of security, all traffic between the user and server is encrypted.
This security is forced and cannot be bypassed. We have also enforced a timeout within our software, which applies to both the web browser and iPad app, and ensures access to the software is protected and information cannot be viewed if the user has stepped
away from the software for longer than intended.
All databases need to be backed up, but not all are. Since setting up our software assessments, many schools have lost information due to a laptop or server failing, when the data has not been copied off first. There are so many ways data can be lost
– loss of power, hardware failure, theft or even user error – and we don’t want teaching staff to go through the stress that results from losing data. In order to ensure continued speed of access and security of data, we have recently moved to new
data centres. Our main servers are now located in a flagship UK data centre on Cody Technology Park in Farnborough, Hampshire. For additional protection, data is also held in a secondary backup server located at the Equinix data centre, 30km from
the primary site. The new data centres offer unparalleled capacity, speed of access, security and reliability.