Key Security Features
Built in security and SSL
Instant access to updates
Service Level Agreement (SLA) 99.5% & 24/7 monitoring
“The rate at which we were growing after the launch even surprised me, and I knew it was going to be big. The Thinkific team was able to help us on the back end so we could manage the high volume of traffic coming through [over 1 million students]. That level of customer service during the time of rapid growth is invaluable.”
Director of the Institute for Excellence in Health Professions Education, MBRU
Where and how is Thinkific Plus’s data stored?
All our information is stored in a secure database hosted on the AWS cloud platform within the United States of America. It runs on the same highly reliable infrastructure used by other Amazon Web Services.
We have provisioned the data storage as a Multi-AZ database where its data is synchronously replicated to a standby instance in a different Availability Zone (AZ) for failover purposes. It is also SSD-backed optimized for high-performance applications.
Is Thinkific GDPR Compliant?
Many of Thinkific LMS Platform’s business customers operate in Europe or have European citizens as users of our platform and need to comply with the European Union’s General Data Protection Regulation (GDPR). The GDPR specifies the number of requirements companies must meet around protecting personal data.
Thinkific is fully compliant with GDPR across Thinkific LMS services. Customers can review and sign our Data Processing Agreement.
Where can Thinkific Plus’s data be accessed from?
Although the database is currently stored within the US, the database servers are not accessible outside our AWS security network. Access to the database is only made available to our application servers hosted within the same AWS secured network and to a very limited number of Thinkific technical employees for support purposes.
Although there is no data encryption enabled for the stored data itself, security is mainly provided through limited accessibility. For more information on AWS’s data privacy, please see here.
Does Thinkific Plus have on-demand scalability to increase resources for increased capacity?
We take site reliability seriously at Thinkific Plus and we are proud of the 99.9% uptime that we maintain in our application.
Thinkific Plus is built for companies at scale and is able to adapt to your traffic needs. This means that we can easily increase its compute and storage capacity automatically and with no downtime. For larger launches, such as virtual summits, you can work with your Customer Success team directly and the product team for extra resources and peace of mind for launch.
For example, in April 2020, a medical school in Asia released a course on COVID-19 and had over 500,000 students register and take their course within 11 days of launch. Our platform was able to easily handle the capacity alongside our thousands of other course creators’ sites.
What is the frequency of backups? How long is it stored for?
Snapshots are taken daily and backed up for up to 30 days.
Have any tests been undertaken to prove proper customer data isolation?
Yes, we have a comprehensive suite of unit tests that verify the isolation of customer data.
What are Thinkific’s security and privacy policies?
Can clients maintain the keys to encrypted data?
Yes, custom SSL certificates are available on Thinkific Plus and we will work with you to install it on your Thinkific site.
Can we do penetration tests?
If you would like to complete your own penetration test, you must contact our solutions team prior to running the test so that we can best assist you. Please reach out to us at firstname.lastname@example.org if you are planning to conduct a penetration test.
How often is the platform monitored?
Our platform is monitored 24 hours a day, 7 days a week.
What methods are used for user authentication?
We have minimum password requirements and are able to enable password complexity.