This policy makes clear how e-Learn Design (ELD) secures your data. By entering into a contractual agreement with ELD, you acknowledge that your data will be managed in accordance with this policy.

All ELD primary servers are located in OVH data centres in London. These data centres are physically staffed 24/7, secured using a restrictive perimeter system and video surveillance, with access controlled and regulated through an identity/authorisation badge system.

OVH is certified ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, ISO/IEC 27701 and CSA STAR for providing and operating dedicated cloud computing infrastructures based on the ISO 27002 and ISO 27005 security management and risk assessment standards and associated processes. All physical hardware is PCI DSS compliant and bears the BSI Kitemark.

All ELD secondary servers are located in OVH data centres in Frankfurt, with the same security measures and certifications/compliances as those in London. These data centres are designated for DR and BCP purposes unless otherwise requested by a client.

All server backups are stored with AWS in Ireland. AWS is certified for compliance with ISO 9001, ISO 27001, ISO 27017 and ISO 27018.

Every server is built to ELD specifications, designed specifically for hosting the Moodle/IOMAD application using the Ubuntu Server Operating System. Each server has its own individual firewall, Intrusion Detection Software (IDS), Intrusion Prevention Software (IPS), and DDoS Protection Software.

The OVH infrastructure is anti-DDoS/IPS-enabled by default, with infrastructure-specific IDS automatically performing quarantine actions triggered by suspect network traffic.

Data encryption

Industry-standard encryption algorithms and technologies are used to protect data in transit and at rest.

Agent access

ELD agents use a secure password database with two-form-factor authentication (2FA) to access account details for servers and sites. ELD’s access control policy overview can be found here.

Client access

Server access is permitted via SFTP through client application accounts, allowing installation of Moodle plugins or other core changes to applications.

Vulnerability scanning

• Network infrastructure scanning/patch application is controlled and managed by OVH.
• Application vulnerability mitigation/patch release is controlled by Moodle Pty Ltd, and patch application is managed by ELD (within 48 hours of release).
• Operating system (OS) scanning/patch applications are controlled and managed by ELD as part of server standard builds (security patches applied within 24 hours of release).

Monitoring

ELD monitors all servers using Nagios and Munin to provide 24/7 alerts on emerging or critical issues such as filesystems filling up, high server load, or issues with web connections. Any emergencies are handled 24/7, with normal support available during office hours.

Support

Support is provided via the ELD support helpdesk (helpdesk@e-learndesign.co.uk or https://helpdesk.e-learndesign.co.uk) during standard office hours (M-F, 09:30-17:30 UTC/UTC+1). Where appropriate, this can be extended to telephone or virtual meetings. Support requests are given priority based on the severity of the issue.

ELD servers are built upon two VMWare ESX Clusters (one at each data centre), which have redundant physical servers backed by redundant SAN-based disks. This infrastructure is designed to continue to run in the event of any physical hardware failure in a server, disk or network.

All ELD servers are backed up to an encrypted off-site location nightly. Backups are kept for 30 days.