Security at Workera

Thousands of learners trust Workera to keep their data safe and secure every day, and we take that responsibility seriously.

SOC 2

Workera is working to complete its SOC 2 Type 2 audits for controls relevant to security, availability, and confidentiality with no exceptions in entity-level testing. This means that an independent third party will validate our processes and practices with respect to these three trust services criteria and will confirm our ability to maintain compliance with the controls we have in place.

Server Security

Workera runs on Amazon Web Services. All Workera machines limit access to the least number of people necessary to keep them up and running. Deploys are automated to all machines, and all machines with access to Workera data have SSH disabled to prevent any unauthorized access to customer data.

Communications

All data exchanged with Workera is done via the HTTPS protocol.

Data Storage

Live Workera data is stored on AWS, and access is limited to machines that need read and write access to the data. We also do incremental, encrypted backups of the datastores periodically to Amazon S3 which is designed to offer 99.999999999% durability for the data in the event of a problem or catastrophic failure.

Maintaining Security

All passwords are one-way encrypted in the database using bcrypt. Login information is always sent over SSL. For enterprise customers, we also allow you to use two-factor authentication, or 2FA, as an additional security measure when accessing your Workera account. Enabling 2FA adds security to your account by requiring both your password as well as access to a security code on your phone to access your account.

For More Information

Please review our policies: