Side view of students in headphones working at computers

Trusted by the World’s Leading Institutions

As a solution trusted around the world for high-stakes national assessment, professional certification exams, classroom assessments, and more, the performance and security of TAO is critical. Our product engineering approaches demonstrate a commitment to proven industry standards and best practices, as well as continual monitoring and enhancement. This diligence ensures that TAO’s capabilities and capacities are able to meet the rigorous requirements of both large and small-scale assessment programs. TAO’s performance and security framework include policies, practices, and protocols in the following areas:

  • Reliability and Availability 
  • Scalability 
  • Data Protection

How Your Data is Protected

The TAO platform leverages an open framework, but that doesn’t mean your data isn’t secured. In fact, it’s just the opposite – because nothing can slip through the cracks when all eyes are on our code. When it comes down to it, TAO’s open source testing software actually provides an enhanced level of data security for your assessments.
InfrastructureTo maintain fast, reliable, and secure online assessment performance at scale, the TAO Cloud operates on commercial-grade web-based infrastructure, such as AWS and Google Cloud, where access is highly restricted.TAO users benefit from industrial-strength infrastructure while our team builds platform enhancements, allowing testing programs to focus their resources on assessment innovation.
EncryptionOur data policy enforces the use of local file system encryption by our engineers and limits the persistence of any sensitive data to the strictly required. Sensitive data includes, but is not limited to, test takers’ related data, test and item content, and data collected. Customer content is stored in encrypted form in the cloud and on-premise systems, including servers.
Security Audits, Backup & RecoveryOur team enforces compliance internally and periodically schedules penetration tests with external organizations to ensure our tools provide sufficient security. Reports are available, or customers can commission their own security auditors with whom OAT will assist. We maintain logical segmentation of our customers’ testing assets and conduct regular back-ups, which can be configured to clients’ exact requirements.
Network MonitoringPotential DDoS attacks are mitigated through built-in services, which defend against the most common, frequently occurring network and transport layer attacks that target applications. These services provide always-on network flow monitoring, which inspects incoming traffic and uses a combination of traffic signatures, anomaly algorithms and other analysis techniques to detect malicious traffic in real-time.

Want to Know More?

Get in touch with a TAO security expert today - ask questions or discuss security findings directly with a member of the TAO team.
Contact TAO Security