Forum Discussion
Review 360 Security - How secure is it?
I think one of the great features using the Articulate group of software is the ability to use Review360 as a review tool. I've found that the review process is extremely smooth and efficient, and the feedback comments can be used as a checklist for any version amendments.
I used to work for Boeing Defence and created elearning packages for a certain military platform. As such, anyone working on the project needed to have a "Secret" government security clearance. Because of this, it was policy for Boeing that no elearning packages developed in SL360 could be published in Review360, regardless of security level. This meant that even if you were developing something as innocuous as a first-aid video for annual training (ie no security issues if it "leaked" into the public ;-) ), you had to publish the package as a ZIP file, then send it internally to any reviewers, and then wait for any feedback to come back...eventually. This assumed they story.html file in the ZIP file actually functioned on their computers. Due to the sensitive nature of certain projects, the use of Rise360 was out of the question, which is a shame because it's great for rapid elearning development!
As you can ascertain, this clogs up the review process significantly, as there were many instances of me waiting around for reviews to come back, as everyone was always too busy to do any reviews before a certain due date.
Since I left Boeing back in 2022, I've worked on various projects for mining and government clients that didn't have as highly restricted development processes, so using Review360 has been an absolute dream. Projects get reviewed, amended, republished, and eventually signed off fairly quickly and efficiently.
But, I'm possibly moving to another major military contractor soon as an instructional design team leader and I'm pretty sure they will have security policies similar to Boeing due to the sensitive nature of certain projects. This doesn't mean Area 51-type projects ;-), but they still require me to have a higher-level government security clearance.
So, my question is this: What could I tell my potential future employers about the security of Review360 in terms of how secure it would keep elearning packages safe and not violate their security protocols? I know that I can attach a password to any packages published in Review360, but they would be more interested in the overall security of the Articulate360 servers and databases. Is there anything I could tell /show them that might alleviate any security concerns, or would this be pointless because the risk of a data breach is too high, and you'd have to go to the Boeing route of project review?
Will be very interested in hearing about this!
Hi Doug,
Happy to chime in!Articulate 360 services are hosted on Amazon Web Services (AWS). We secure data on our servers and network traffic with the most advanced encryption technology publicly available, 256-bit TLS/SSL encryption and 2048-bit RSA public keys.
As part of our business continuity plans, in the case of disaster, we practice automated, routine, and frequent data backup and recovery. We store backups in a redundant way and test recovery frequently to reduce the likelihood of data loss and minimize downtime in a large-scale disaster.
You can learn more about our commitment to security and privacy at our Trust Center, and here's an overview of how we handle the security and privacy of your data for Articulate 360.Hope this helps!