This policy makes clear how e-Learn Design secures your data. By entering into a contractual agreement with e-Learn Design, you acknowledge that your data will be managed in accordance with this policy.

All e-Learn Design primary servers are located in data centres in London provided by OVH. These data centres are staffed 24/7 and controlled by badge access, with security provided by video surveillance and on-site security guards.

OVH is certified ISO 27001:2005 for providing and operating dedicated cloud computing infrastructures which is based on the ISO 27002 and ISO 27005 security management and risk assessment norms and associated processes. All physical hardware is PCI DSS compliant and bears the BSI Kitemark.

All e-Learn Design secondary servers are located in Frankfurt, also provided by OVH with the same security and certifications/compliances as for London. These data centres are designated for DR and BCP purposes unless otherwise requested by a client.

All server backups are stored with AWS in Ireland. AWS is certified for compliance with ISO/IEC 27001:2022, 27017:2015, and 27018:2019.

Each server is built to e-Learn Design specifications, designed specifically for hosting the Moodle/IOMAD application using Ubuntu Server and MariaDB. Each server has its own individual firewall and Intrusion Detection Software (IDS). IDS software is also running on the OVH infrastructure, automatically performing quarantine actions during any suspect network traffic to prevent further unwanted traffic.

Agent access

e-Learn Design agents use a secure password database with two-form factor authentication (2FA) to access account details for servers and sites.

Client access

Server access is permitted via SFTP through the application accounts, allowing installation of Moodle plugins or other core changes to applications.

Monitoring

e-Learn Design monitors all internal and Client servers using Nagios and Munin to provide 24/7 alerts on emerging or critical issues such as filesystems filling up, high server load, or issues with web connections. Any emergencies are handled 24/7 with normal support available during office hours.

Support

Support is provided via the e-Learn Design support helpdesk (helpdesk@e-learndesign.co.uk) during standard office hours (M-F, 09:30-17:30 UTC/UTC+1). Where appropriate, this can be extended to telephone or virtual meetings. Support requests are given priority based on the severity of the issue.

e-Learn Design servers are built upon a VMWare ESX Cluster, which has redundant physical servers backed by redundant SAN-based disks. This infrastructure is designed to continue to run in the event of any physical hardware failure in a server, disk or network.

All e-Learn Design servers are backed up to an encrypted offsite location nightly. An encrypted copy of the Moodle/IOMAD application files is synced nightly to a second offsite location. Backups are kept for 30 days.