Built-In Security Features for Catalog Sites

When publishing any content online, security should be a top concern for your institution. Here at Clean Catalog, we not only adhere to best security practices, but frequently release new security updates to protect against the evolving cyber threats online. Check out a few of the security features we build into every site, giving you and your staff peace of mind.

HTTPS Connections

All Clean Catalog sites automatically use secure HTTPS connections by default. This ensures that all data is securely transmitted between your site and its users while protecting against MitM attacks. In short, HTTPS ensures your catalog site is secure and prevents sensitive information from being hacked. This protects not only your institution on the backend, but also the students and users who access the frontend of your catalog site. Your Clean Catalog site will be SSL certified during the buildout phase, ensuring your catalog is secure from the moment it launches.

Granular Permissions for Editors

Staff accounts on any service can be a big security vulnerability — you never know what sort of password hygiene different people will have. Even if an individual staff account gets compromised, though, we limit the harm that can be done by restricting user permissions. If, for example, a math instructor's account was compromised, someone could log in, edit a math course, and then get their changes rejected before they were published; the damage someone could do is extremely limited. They couldn't view user accounts, directly publish edits, or access anything in the database or site code.

Optional Single Sign On

With Clean Catalog, your staff will enjoy our secure single sign-on feature. This allows your staff to login with a single ID to both the backend of your catalog site and any other pre-existing software system you may have in place. For example, your staff can login to your catalog site using the same login credentials they use for your Learning Management System (LMS). By integrating with other API systems, employees will only be required to log in once to access all admin pages without being required to reenter authentication factors.

Optional Two-Factor Authentication

Two-factor authentication is often a great way to ensure account security, and we can enable it upon request for any sites.

Avoid Storing Unnecessary Data

One of the most important things we do for security is that, whenever possible, we avoid storing confidential data. In most cases, a course catalog site will contain information that's public — the content for your catalog — and we generally avoid having anything beyond that. Even if we're doing an SIS integration, there's no reason for us to access staff or student ID numbers, staff information beyond editor email addresses, or any of that.

This doesn't mean we don't have security features in place — our security is best in class — but it ensures that in the unlikely event of a security breach on your catalog site, the worst that happens is (for example) that someone gets a sneak peek at next year's catalog.

Regular Security Updates

We regularly release security updates to keep catalogs up-to-date and protected against ever-evolving modern security threats. Your staff won’t have to lift a finger, as these updates are automatically applied with no downtime to your catalog site. Our team also constantly monitors for any suspicious activity so that we can quickly respond to any security issues that may arise.

API Security

API integration is a common feature in modern educational platforms, allowing course catalogs to connect with other systems, such as Student Information Systems (SIS) or Learning Management Systems (LMS). However, APIs can also introduce security risks if not properly secured. Clean Catalog ensures that API connections are secured with authentication and encryption methods, protecting data as it flows between different platforms. This minimizes the risk of data breaches and ensures that only authorized users can access sensitive information.

Data Backup and Recovery

To cover your bases, your catalog must be regularly backed up and have recovery options in the event of an unexpected failure. Clean Catalog provides automated data backups (on both AWS and Google Cloud), ensuring that institutional and student data is regularly saved and can be restored quickly, if ever needed. In case of system failure or data loss, institutions can rely on Clean Catalog’s backup and recovery protocols to restore critical information with minimal disruption.

Compliance with Industry Standards and Regulations

To maintain security and protect the privacy of student and institutional data, it’s essential to comply with legal regulations and industry best practices. Clean Catalog software is compliant with the General Data Protection Regulation (GDPR), ensuring that your course catalog meets strict requirements for protecting the personal data of users. Your staff can rest easy knowing that Clean Catalog adheres to best practices for privacy, data handling, and user consent.

As digital course catalogs become the norm, securing them is more important than ever. From encrypted connections and secure authentication methods to regular updates and compliance with regulations like GDPR, Clean Catalog offers the tools institutions need to safeguard their data. Our platform combines cutting-edge security features with ease of use, ensuring that your institution’s course catalog remains both accessible and secure. Ready to enhance your digital course catalog’s security? Reach out to us today!