Security Designed to Protect Against Non-User Access to Data
Extensive external security is in place to ensure the protection of all client data. Student information including test information is protected by encryption during transmission and stored in a database system that is not directly accessible from the Internet. All client traffic to and from the database system must pass through multiple firewalls.
Both Galileo K-12 Online and Galileo Pre-K Online are comprised of a variety of built-in, integrated security measures that are designed to ensure data confidentially, integrity, and viability of online data. Galileo users, for example, are authenticated with the standard username and password construct. All usernames are entered and passwords set by the individual clients. This can only be done once an identified district administrator has been entered into the system by ATI. This ensures greater control and accuracy for our clients.
When the agency administrator sets up access for a user, they will determine the level of access allowed that user. This user will then only be allowed access to their individual school, class, or student-level information. For instance, each online assessment scheduled for a particular timeframe is always assigned its own password.
Galileo Data is backed up offsite hourly, using an encrypted tunnel. All remote data access requires two-factor authentication; storage architecture has been designed with security as a major focus.
User Authentication Utilizing GUIDS
All user accounts in the Galileo Online system are assigned a Globally Unique Identifier (GUID), as are all transactions placed in the system. This ensures the highest level of accuracy when performing data entry/retrieval within the Galileo Online system. When users access Galileo Online, their password is authenticated against their record in the system using the GUID, and entry is granted only in the event of a perfect match. No "fuzzy logic" is used in authenticating passwords.
Secure Socket Layers and Data Encryption
Another security measure is the implementation of Secure Sockets Layers (SSL). When a user clicks on the link to login at http://www.ati-online.com, the entire session from this point forward (including entry of the username and password) is conducted using SSL. Every time data is transmitted to Galileo Online, the entire transaction is performed with 128-bit encryption. Only the Galileo Online web servers hold the private key to decode the encrypted data sent by users. All traffic for Galileo Online is transferred using SSL. Galileo Online utilizes the highest level of encryption possible while still maintaining a focus on performance. Our security is verified with a top-level site certificate hosted by VeriSign, an industry leader in computer security certification.