ApplyProof is a trust solution that transforms the way official documents are accessed and verified. ApplyProof enables educational stakeholders to verify the authenticity of a document by viewing the digital original on ApplyProof using unique identifiers.

Powered by ApplyBoard, Canada’s education technology leader, ApplyProof recognizes the need for trust in international student documents. ApplyProof integrates tech innovation, security, and commitment to student success.

Enhanced Security

ApplyProof is constantly evolving its security programs to meet the latest industry-standard security, or better. Our systems include redundant access controls to prevent the possibility of a single human error or a single vulnerability in a security vendor from exposing any data in our care. 

At ApplyProof, we constantly evaluate and review the ever-changing compliance landscape across all international jurisdictions that ApplyProof serves. As these compliance standards evolve, ApplyProof will continue to monitor compliance changes and evaluate and implement enhancements where and when required to maintain the highest level of security and compliance. 

At ApplyProof, we take security seriously, and we consistently assess our security posture through independent parties. Consistently, ApplyProof has ranked among the top educational organizations globally for its security posture.

Summary 

  • By design, ApplyProof has been embedded with security controls across all information systems to  maintain the confidentiality and security of all data hosted.
  • Access to systems, data, and data centers is restricted to authorized personnel only.  ApplyProof adheres to Canadian (PIPEDA and provincial) compliance standards and is in GDPR compliance process.
  • Installation and management of software are conducted by qualified SaaS operation technicians. Only approved and licensed software is installed within the SaaS environment.
  • ApplyProof requires the use of multiple access keys, controlled, and distributed by the Originators of the data (Data Subject).
  • All institutional users are educated on the operation of ApplyProof. 
  • A strict change-control process allows ApplyProof to ensure that Infrastructure configurations are only  modified by approved technicians during approved maintenance windows.
  • All changes are reviewed  by the Security team to ensure that application and infrastructure changes meet local and international IT security standards, and do not expose environments to additional risk.
  • We have embedded data storage procedures to ensure that all data that ApplyProof collects is stored within a secure and encrypted cloud environment and that data is consistently backed up and available to avoid data loss.
  • Weekly vulnerability and penetration testing, as well as security-code reviews, are routinely performed as part of the Vulnerability Management program. This ensures our ability to prevent and protect against unwanted attacks. Annual penetration tests are  also completed by leading third-party security vendors.
  • Independent third-party real-time monitoring ensures new vulnerabilities are identified and mitigated.  Independent monitoring also ensures our network, DNS, firewall, and server configurations are properly configured and secured to protect against new and evolving attack vectors.