In a changing, increasingly digital world, protecting end-user data is more crucial than ever. Nobody wants their identification or financial information to be vulnerable or compromised.
We understand the importance of data integrity and security for the certification ecosystem. Security is not an optional investment. It is foundational to the success of any certification program, and not just for exams: End users expect their data to be secure.
Thus, we’ve leaned into investing in enhancements that are necessary for both the infrastructure and application security of our LearningBuilder software. We’ve adopted both a posture of compliance and the tools to achieve compliance. We designed, built, and rigorously tested a new, secure platform. We have also invested in significant foundational work to meet the moment and plan for the future. LearningBuilder’s new, PCI-compliant architecture is the latest of our achievements in this arena! Here’s what you need to know:
What is PCI Compliance?
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard administered by the Payment Card Industry Security Standards Council. This standard establishes the practices organizations must follow to protect cardholder data from credit card fraud.
PCI DSS compliance indicates that an organization adheres to one of the most robust and secure commercial data security standards. You can sleep more soundly, knowing we have done our due diligence to safeguard and protect your end-user data.
How Did LearningBuilder Achieve PCI Compliance?
First, we built a more secure, scalable, and resilient platform. Then, to confirm that it meets the industry’s highest security standards, we hired an independent security firm to conduct a full review. The assessment included penetration tests, vulnerability scans, policy audits, and interviews with Heuristics staff. This investigation process took approximately six weeks to complete. After their assessment concluded, they signed our PCI Attestation of Compliance. This confirms that our platform meets the industry’s highest security standards.
LearningBuilder Infrastructure and Security: What Comes Next?
This attestation of PCI compliance represents the latest fruits of our efforts to enhance our client security. New clients will be set up on the new, PCI-compliant architecture. Existing clients will be migrated during their next annual upgrade.
This new, PCI-compliant platform is a strategic foundation for a secure future. It protects your data today and paves the way for us to deliver further improvements, including:
- Faster application performance through continued optimization of service delivery.
- Greater scalability, ensuring the platform can adapt and grow with your needs.
- Enhanced high availability (HA) and resilience to strengthen reliability and cut potential downtime as we move forward.
We haven’t stopped there, either. We enhanced real-time monitoring and established comprehensive disaster recovery processes. We have also invested in the Drata trust management platform. This tool will help streamline and focus future compliance with other security frameworks. By knowing the requirements of those frameworks and how they align with our existing protocols, we can move more quickly and intentionally. Working with Drata also means we can grant current and future clients access to a “trust center” with the most up-to-date documentation of our security posture for reference and evaluation.
LearningBuilder: Designed to Meet Today’s Requirements and Tomorrow’s Opportunities
At Heuristics, we commit to continuous improvement and supporting your evolving needs. LearningBuilder is a resilient, scalable platform. We have optimized the platform for operational performance. Independent security experts validated those efforts through PCI DSS v4 compliance. We’ve also enhanced real-time monitoring and established comprehensive disaster recovery processes. The work we’ve done has prepared the platform for future performance improvements.
Ready to explore further? To learn more about our secure solutions for certification, licensure, and accreditation, we invite you to schedule an exploratory call.
