Pointii’s Statement on Security

Last Updated: May 26, 2018

  • Our company’s students and educators use Pointii every day to prepare for professional interaction and get connected to industry experts who share their career interests. Ensuring our platform remains secure is vital to protecting their data and our own, and protecting your information is our highest priority.
  • Our security strategy covers all aspects of our business, including:
    • Pointii corporate security policies
    • Physical and environmental security
    • Operational security processes
    • Scalability & reliability of our system architecture
    • Data model access control in Pointii
    • Systems development and maintenance
    • Service development and maintenance
    • Regularly working with third party security experts
  • Pointii Corporate Security Policies & Procedures
    Every Pointii employee agrees to a Data Access Policy that binds them to the terms of our data confidentiality policies, available at  Terms of Service and Privacy Policy. Access rights are based on employee’s job function and role.
  • Security in our Software Development Lifecycle
    Changes to Pointii’s code base go through a suite of automated tests and are reviewed and go through a round of manual review. When code changes pass the automated testing system, the changes are first pushed to a staging server wherein Pointii employees are able to test changes before an eventual push to production servers and our customer base. We also add a specific security review for particularly sensitive changes and features. Pointii engineers also have the ability to “cherry pick” critical updates and push them immediately to production servers.

    In addition to a list where all access control changes are published, we have a suite of automated unit tests that check that access control rules are written correctly and enforced as expected. We also work with third-party security professionals to:
    • Use network scanning tools against our production servers
    • Test our code for common exploits
  • Security at the Pointii office
    Our office is secured via keycard access which is logged, and visitors are recorded at our front desk.

    We monitor the availability of our office network and the devices on it. We collect logs produced by networking devices such as firewalls, DNS servers, DHCP servers, and routers in a central place. The network logs are retained for the security appliance (firewall), wireless access points, and switches.
  • For questions about these or any Pointii terms or policies, email us at pointii_rep@pointii.com.