Security

Security at Ed.ai

The technical controls behind our privacy commitments. US-hosted, encrypted in transit and at rest, human-verified AI processing, and an incident response plan calibrated to the reality of school data.

  • ✓ Hosted on Microsoft Azure, US only (US Central)

  • ✓ TLS 1.3 in transit · AES-256 at rest

  • ✓ De-identification before any LLM call

  • SOC 2 Type II: not yet. We'll publish here when that changes.

Infrastructure

Hosting and data residency

  • Cloud provider: Microsoft Azure.

  • Region: US Central. No data, backup, or failover outside the United States.

  • In-US redundancy only. Redundancy and failover are configured across availability zones within the United States; we never replicate outside US boundaries.

Network isolation

  • Virtual Private Cloud (VPC) isolation per environment (production, staging, development).

  • Private endpoints for database and storage — no public internet exposure.

  • Bastion-only SSH / RDP access for infrastructure operations, with MFA and audited sessions.

DDoS protection and perimeter

  • Azure DDoS Protection Standard on public-facing endpoints.

  • Web Application Firewall (WAF) with OWASP Core Rule Set.

  • Rate limiting and bot mitigation on authentication and upload endpoints.

Administrative access

  • MFA required for every employee with access to production.

  • Just-in-time (JIT) elevation for sensitive operations; default state is read-only for most roles.

  • Full audit logging of administrative actions, retained for the contract duration + 1 year.

  • Quarterly access review — any unused privilege is removed.

Applications

Encryption

  • In transit: TLS 1.3 (no TLS 1.1 / 1.0). HSTS enabled with preload.

  • At rest: AES-256. Transparent Data Encryption (TDE) on databases; customer-content encryption on blob storage.

  • Backups: encrypted with distinct keys from production data.

Authentication

  • Passwords: SHA-512 hashing with per-user salt.

  • SSO: SAML 2.0 and OAuth 2.0 / OIDC. Clever, ClassLink, Google Workspace for Education, Canvas, and Edlink integrations supported.

  • MFA: available for all account types; required for district admin accounts.

  • Session management: short-lived access tokens, refresh rotation, revocation on logout.

Application security

  • OWASP Top 10 controls embedded in the SDLC.

  • Code review: two-person approval required for merges to protected branches.

  • Static analysis (SAST) and dependency scanning on every build.

  • CI/CD pipeline with no direct production server access — deployment is through audited pipeline only.

  • Least-privilege service accounts scoped per microservice.

Testing and validation

  • Continuous vulnerability scanning on infrastructure and container images.

  • Responsible disclosure: report suspected vulnerabilities to privacy@ed.ai; we acknowledge within 2 business days.

AI processing

De-identification pipeline

Before any student work reaches a language model:

  1. The image is parsed to detect identifying zones (names, roster identifiers, class labels).

  2. Those zones are masked with opaque white pixels — irreversibly, before transcription.

  3. The masked image is transcribed via OCR.

  4. The transcription is sent to the LLM.

The LLM never sees who the work belongs to. Full pipeline description and validation metrics on /de-identification.

AI sub-processors and contractual posture

  • Azure OpenAI, Azure Claude, Azure Mistral (Microsoft Azure US Central) and Google Gemini (Google Cloud, US) — all US-hosted enterprise deployments.

  • Contracts include:

  • No retention of prompts or completions beyond the request lifetime

  • No model training on customer data

  • Each sub-processor is listed on /sub-processors.

Data minimization

Only the minimum data necessary for each AI task is sent. Roster data, teacher identities, and administrative metadata are never sent to the LLM.

Organizational security

Backup and recovery

  • Daily encrypted backups of production databases, stored within US regions.

  • Recovery from backups is part of our Business Continuity Plan (see 5.4).

People and process

  • Background checks on employees with production access, consistent with applicable law.

  • Annual privacy and security training for all employees; targeted training for engineering and support.

  • Confidentiality agreements with every employee and contractor.

  • Separation-of-duties: no single person can deploy to production without review.

Vendor management

  • DPA signed with every sub-processor handling personal data.

  • Sub-processor review before onboarding and annually thereafter.

  • Current sub-processor list published at all times on /sub-processors.

Business continuity

  • BCP (Business Continuity Plan) reviewed annually.

  • Redundant infrastructure across US availability zones.

Incident response

Our incident response plan

We maintain a written Incident Response Plan covering detection, triage, containment, eradication, recovery, and post-incident review.

Notification timelines

We commit to notifying affected schools and districts as quickly as reasonably possible after confirmed discovery, and in any case:

  • Baseline commitment (all schools)Within 72 hours of confirmed incident

  • New York Ed Law §2-d — Within 7 days to the Chief Privacy Officer

  • Illinois SOPPA — Within 30 days to parents (via the school)

  • Colorado HB14-1294 — Without unreasonable delay

  • District contract (NDPA) — Per contract — often within 24–48 hours

Notifications include: nature and scope of the incident, data categories involved, students/classes affected where determinable, actions taken, recommended actions for the school, and a named point of contact.

Coordination

  • State Education Agencies (SEA): we coordinate with the SEA where state law requires.

  • Parents: schools lead communication to parents; we support with facts and templates.

  • Regulators: we cooperate with the FTC, state AGs, and U.S. Department of Education as applicable.

Reporting a security concern

  • Security reports (bugs, suspected vulnerabilities):privacy@ed.ai. We acknowledge within 2 business days.

  • Active incidents at your school:privacy@ed.ai + your district's DPO.

What we don't claim

Clarity matters more than collateral. Here is where we stand:

  • SOC 2 Type IINot in place. No published roadmap yet.

  • ISO 27001 — Not in place.

  • StateRAMP / FedRAMP — Not applicable today (not a federal contractor).

  • NIST CSF alignment — Informal self-assessment — no third-party audit.

  • CJIS — Not applicable.

  • HIPAA — Not applicable — Ed.ai is not a healthcare service.

We'll update this page the moment any of these changes. If your district requires a specific attestation, talk to privacy@ed.ai and we'll be upfront about whether and when we expect to have it.

Requesting more detail

District CTOs, CISOs, and security reviewers can request:

  • Detailed architecture diagrams (under NDA)

  • Penetration test executive summary

  • Sub-processor DPA copies

  • Incident response plan redacted summary

Send requests to privacy@ed.ai.