Security at Workera
Thousands of learners trust Workera to keep their data safe and secure every day, and we take that responsibility seriously.
Workera completed its SOC 2 Type 2 audit for controls relevant to security, availability, and confidentiality, with no exceptions in entity-level testing. This means that an independent third party validated our processes and practices concerning these three trust services criteria and confirmed our ability to maintain compliance with the controls we have in place.
Workera runs on Amazon Web Services. All Workera machines limit access to the least number of people necessary to keep them up and running. Deploys are automated to all machines, and all machines with access to Workera data have SSH disabled to prevent any unauthorized access to customer data.
All data exchanged with Workera is done via the HTTPS protocol.
Live Workera data is stored on AWS, and access is limited to machines that need read and write access to the data. We also do incremental, encrypted backups of the datastores periodically to Amazon S3 which is designed to offer 99.999999999% durability for the data in the event of a problem or catastrophic failure.
All passwords are one-way encrypted in the database using bcrypt. Log in information is always sent over SSL. For enterprise customers, we also allow you to use two-factor authentication, or 2FA, as an additional security measure when accessing your Workera account. Enabling 2FA adds security to your account by requiring both your password as well as access to a security code on your phone to access your account.
For More Information
Please review our policies: