Technical Notes

Maxient is a vendor-hosted, software-as-a-service (SaaS) application

Maxient was one of the earliest SaaS products in higher education. With the increasing prevalence of products like Google Apps, Microsoft Live@Edu, PeopleAdmin, and OrgSync, SaaS has become a viable and safe option for IT departments to do more with less.

The first tenet of good security is to not reveal everything we do on a public website. We’ll cover some of the essentials here, getting you comfortable that we know what we’re doing and aren’t a here-today-gone-tomorrow tech startup. To delve deeper into the specifics, feel free to give us a call.

Your data is hosted and secure, right here in the USA

Maxient’s servers are owned by us and located in Ashburn, Virginia at Rackspace Hosting’s state-of-the-art datacenter. This controlled-access facility boasts around-the-clock staff, redundant network connections, redundant electrical and HVAC systems, and contains servers for many Fortune 500 companies and educational institutions. As part of our disaster recovery strategy, we backup your data nightly and store it in a geographically separate datacenter on the West Coast. Both have successfully passed a SAS70 Type II audit, and provide our clients with the most secure and technologically advanced hosting infrastructure available.

We are 100% FERPA-compliant

On December 9, 2008, the Family Educational Rights and Privacy Act (FERPA) was updated to permit disclosure of educational records and personally identifiable information to third parties. For your convenience, we’ve provided links to the final rule and the section-by-section analysis, but the summary is this: the institution must have “direct control” over how the third party will use the data. Additionally, the third party must be performing a service that the institution would otherwise need to perform in-house. We spell out our commitment to FERPA compliance plainly and unequivocally in our standard contract with every institution. Additionally, we take our leadership position in the marketplace as an opportunity to add features that help schools more easily comply with the overall intent of the law.

You own your data, plain and simple.

Maxient does not share, sell, alter, or do anything with your data. We only access it in the course of providing support to your end users, and are bound by both the law and our contract to handle it in the same confidential manner that you do. Should our relationship with you ever terminate, your data will be returned in a flat-file format along with all attached files on disc. All copies will be eliminated from our servers, and it will be overwritten to industry standards rendering it unrecoverable.

Security is paramount.

All access to Maxient is via SSL-secured web browsing. Your data is encrypted both in transit and at rest. We undergo regular code audits and vulnerability scans to ensure both your data and our application remain safe. We’re proud to support connections with a variety of student information systems and several authentication options, including LDAP, Active Directory, and our favorite, Shibboleth/SAML2 …

Shibboleth logo

Shibboleth

The Shibboleth System is a standards based, open source software package for web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.

 

 

To learn more about Maxient’s security measures, ask a sales representative to schedule a conference call between your IT staff and ours.