Security Practices

Overview

Skolarli protects two distinct categories of customer data with different security postures appropriate to each:

1. Platform data — your account, your users, your courses, your content, your billing information. Standard SaaS-grade protection: encryption, access control, India-resident hosting, audit logs.
2. Assessment data — biometric snapshots, voice fingerprints, proctoring evidence, candidate dossiers. Stricter protection: short retention defaults, stronger isolation, identity-bound access.

This page explains both. The first half covers our platform-wide security practices. The second half covers our assessment-specific security model, including the Skolarli Integrity Browser, AI-powered proctoring, and how candidate biometric data is handled.

Hosting & Data Residency

Skolarli operates two distinct platforms with separate hosting infrastructure, both located in India:

1. Enterprise Platform (skolar.li, app.skolar.li, beta.skolar.li): Hosted on Amazon Web Services (AWS) in the Mumbai region (ap-south-1). All customer data, application servers, and databases reside within India.
2. Consumer Platform (me.skolar.li — Skolarli Akademy): Hosted on DigitalOcean's Bangalore region (BLR1). Consumer-facing learner data resides within India.

Both platforms are governed by the Digital Personal Data Protection Act, 2023 (DPDP) and operate under our published Privacy Policy. Cross-border data transfers are limited to specific third-party service providers (payment processors, AI services routed through Skolarli AI models, analytics platforms) and only where necessary to provide the Service. See the Privacy Policy for the full list of data processors.

Data Security

Data Encryption at Rest

Customer data is encrypted at rest using AES 256-bit encryption via the FIPS 140-2 validated cryptographic module. Encryption keys are managed through AWS Key Management Service (AWS KMS) with documented rotation policies. Backups, temporary files generated during query execution, and any third-party credentials entered by customers in the marketplace apps are all encrypted using the same standard, and isolated per customer in our database.

Data Encryption in Transit

All data in transit is encrypted using TLS 1.2 or higher across our platform, with TLS 1.3 enabled on supported endpoints. Public-facing endpoints, internal service-to-service communication, and database connections all enforce encryption in transit.

Data Backups & Durability

Customer data is stored on AWS infrastructure with 99.999999999% (11 nines) object durability. Both production data and backups are encrypted, with continuous monitoring and alerting for anomalies. Our Recovery Time Objective (RTO) is 2 hours and our Recovery Point Objective (RPO) is 24 hours.

Data Isolation

Skolarli operates a dual-database architecture optimized for security and performance. Structured customer data (user profiles, account configurations, billing records) is stored in a relational database with strict integrity constraints. Behavioral and analytics data (learner activities, assessment events) is stored in a separate, semi-structured datastore designed for fast retrieval and analytical queries. This separation reduces the blast radius of any single component failure or compromise.

Data Deletion

Customers own and control their data. Account Owners may request data deletion or self-serve deletion of their own data, except where retention is required by regulatory or legal obligations. Specific retention windows for assessment data (snapshots, audio, dossiers) are detailed in the Assessment Data Handling section below and in our Privacy Policy.

Access Monitoring

All critical systems generate detailed logs covering authentication events (successful and failed logins), application access, and configuration changes. Logs are retained for forensic and compliance purposes and are reviewed during routine security audits.

Application Security

Secure Software Development Lifecycle

Skolarli follows a defined Secure SDLC. Threat modeling and secure design reviews are performed for all major releases and feature updates. Code is subject to peer review prior to merge, and significant feature launches undergo dedicated security review and codebase scans before release.

Code Analysis & Vulnerability Scanning

Our security and development teams conduct regular threat modeling, static code analysis, and dependency scanning. Vulnerabilities discovered through internal scans, customer reports, or third-party disclosure are triaged and resolved according to severity. Critical issues are patched within hours of identification; lower-severity issues follow standard release cycles.

Web Application Firewall

All public endpoints sit behind AWS Web Application Firewall (AWS WAF), which blocks common attack patterns (SQL injection, cross-site scripting, malicious bots) before requests reach our application servers. We also implement custom IP-based rate limiting and blocking for traffic exhibiting abusive patterns.

Credential & Secret Management

Application secrets, API keys, and credentials are managed through AWS KMS and AWS Secrets Manager. Secrets are never stored in source code, configuration files committed to version control, or accessible logs. Resources stored in AWS S3 use KMS-managed encryption keys with automatic rotation.

Vulnerability & Patch Management

Skolarli performs continuous vulnerability scanning across all infrastructure hosts and our product codebase. External and internal services are patched on a regular cadence. Customer-facing components receive emergency patches within hours of vulnerability disclosure for critical issues.

Access Control

Least Privilege Principle

Skolarli strictly applies the principle of least privilege for all access management. Access rights are assigned based on an individual's documented role and the specific tasks they need to perform. Regular access audits validate and adjust these privileges, ensuring access to critical systems remains justified, current, and minimal.

Role-Based Access Control

The Skolarli platform implements granular role-based access control (RBAC). Every feature entry point, API endpoint, and administrative function is gated based on the user's assigned role. Role assignments are auditable and any privilege change is logged.

Internal Access

Skolarli employees may access customer data only for the purposes of troubleshooting reported issues or recovering content on the customer's behalf. All such access is logged with the responsible employee, the affected customer, and the reason for access. Employees do not have routine read access to customer content.

Multi-Factor Authentication

All Skolarli employees with access to production systems are required to use multi-factor authentication. Customer-facing MFA is available on the platform and recommended for all Account Owner accounts.

Infrastructure Security

Cloud Provider Security

Our enterprise infrastructure runs on AWS, which maintains independent third-party certifications and assessments for physical security, operational security, and regulatory compliance. AWS data centers are protected by multi-layered physical access controls. We defer all data center physical security controls to AWS. Public details on AWS infrastructure controls are available at aws.amazon.com/compliance/data-center/controls.

Anti-DDoS Protection

Skolarli uses a layered DDoS defense: AWS Shield protects our application and REST APIs at the cloud-provider level, and Cloudflare provides edge-level DDoS protection for video, static assets, and public web traffic. This dual-layer approach ensures availability even under sustained attack.

Production Environment Isolation

Customer data is never stored in development or staging environments. Production data is logically and network-segmented from non-production environments, with strict access controls preventing engineering staff from copying production data into testing systems.

Video Content Hosting

Video content uploaded to Skolarli is hosted on Cloudflare Stream and Vimeo. Uploads use the TUS resumable protocol — if an upload is interrupted, it can resume from the last completed chunk rather than restarting. By default, video access is locked to *.skolar.li domains; this can be customized to a customer's branded subdomain on request. Geographic access controls are available for customers with content distribution restrictions.

Network Security

Security Information & Event Management

Skolarli uses AWS CloudWatch and AWS Security Hub for security event aggregation, monitoring, and alerting. Critical security events are surfaced to our on-call engineering team in real time, with documented escalation procedures for incident response.

Network Segmentation

Our application infrastructure is segmented into public, private, and isolated subnets. Customer-facing services live in public subnets behind WAF and load balancers. Application servers and databases live in private subnets with no direct internet access. Sensitive data stores are in further-isolated subnets accessible only through narrowly-scoped service principals.

AI & LLM Data Handling

Skolarli's AI runs on three commitments. Each is built into the architecture, not just the policy.

In-VPC Processing

AI processing happens inside our VPC perimeter on Skolarli AI models. Your content is never sent to public LLM APIs — not ChatGPT, not Anthropic's public endpoint, not Gemini's. The processing happens on our infrastructure, in our region, under our control.

No Training on Customer Data

Your content is never used to train AI models. Not ours, not the underlying models we run on, not anyone's. The AI processes your data to return one specific result — a summary, a score, a suggestion — and discards it. Nothing is retained beyond the request.

Human-in-the-Loop

Our AI assists human evaluators. It does not replace them. Quality scores, recommended marks, identified strengths — all provided as inputs to your decision, never as outputs that bypass it. Final hiring, grading, and certification decisions rest with a human reviewer. This is enforced in the interface itself: the platform requires human action at every decision point.

Assessment Security

Hiring assessments and certification exams require security beyond standard SaaS data protection. The integrity of an assessment depends on knowing who is taking it, what they have access to during it, and being able to prove the result is defensible. Skolarli's assessment security model is built around these three concerns.

Skolarli Integrity Browser

Skolarli Integrity Browser (SIB) is a desktop application that seals the candidate's environment for the duration of a proctored assessment. SIB is available for macOS and Windows (Linux is not currently supported) and is required for high-stakes assessments where assessment integrity is paramount.

Environment Lockdown

While an assessment is in progress through SIB, the following are blocked or disabled:

1. AI assistant tools (ChatGPT, Claude, Copilot, Gemini, Perplexity, and other major AI services) at both the network and process level.
2. Virtual machines, RDP sessions, screen sharing, remote control software, and other environment-escape mechanisms.
3. Screenshots, screen recording, tab-switching, and external application focus changes.
4. Keyboard shortcuts that could exfiltrate content or invoke external tools.

Every blocked attempt and detected violation is logged with a timestamp and contextual evidence (snapshot, process name, or event type) and is associated with the candidate's session record.

Distribution & Access Control

SIB is distributed only to verified Skolarli customers and their authorized candidates. The application is gated by tenant — anonymous downloads will not activate, and access requires an active Skolarli account or a valid candidate invitation. Customers can request the SIB installer through their Skolarli account manager.

Identity Verification

Before a candidate can begin a proctored assessment, identity is verified through a combination of biometric checks. The goal is to confirm that the person taking the assessment is the same person invited to it, and that the same person remains throughout the session.

Liveness Detection

At session start, the candidate completes a multi-challenge liveness check designed to detect spoofing attempts (printed photos, recorded video, masks). Challenges include head pose verification, blink detection, and expression validation. The challenge sequence randomizes per session to prevent replay attacks.

Facial Recognition

A reference photo is captured at session start using AI-powered facial recognition with multi-point landmark analysis. During the assessment, periodic snapshots are matched against the reference photo to confirm the candidate has not been replaced. Match confidence scores are logged with each snapshot for later audit.

Voice Fingerprinting

For assessments that include audio (verbal responses, video interviews, audio-monitored sessions), Skolarli generates a voice fingerprint at session start and continuously verifies that the same speaker is present throughout. Phrase recognition combined with speaker biometrics confirms identity continuity. This protects against scenarios where one candidate begins an assessment and another completes it.

Pre-Session Environment Checks

Before an assessment begins, SIB performs environment checks: microphone and camera availability and quality, network conditions, multi-monitor detection, and virtual camera detection. Failed checks are surfaced to the candidate with remediation guidance before the assessment timer starts.

Continuous Proctoring

Throughout the duration of a proctored assessment, multiple monitoring systems run continuously to detect integrity events. All monitoring is disclosed to the candidate before the assessment begins.

Snapshot Monitoring

Periodic webcam snapshots are captured at configurable intervals (default: 30 seconds) and analyzed for face presence, face count (multiple-person detection), gaze direction, eye state, and presence of prohibited objects (mobile phones, books, secondary screens). Snapshots are also captured on detected violation events to provide contextual evidence.

Audio Monitoring

Where audio monitoring is enabled by the customer, the candidate's microphone is monitored for voice activity, mute attempts, and the presence of multiple speakers. Audio is recorded in chunks and persisted to encrypted storage for post-assessment review.

Anti-Cheat Browser Hardening

The Skolarli assessment runtime hardens the candidate's browser against common cheating attempts: right-click and copy-paste blocking, developer tools detection, fullscreen enforcement, tab-switch detection with configurable thresholds, print-screen detection, and keyboard shortcut blocking. Tab-switch and DevTools events are logged in real time, with configurable disqualification thresholds.

Magic-Link Delivery

Candidates access assessments through signed, single-use magic links that bind the assessment session to the invited individual. No candidate sign-up is required, eliminating an entire class of credential-sharing risk. Magic links carry JWT-signed claims, expire automatically, and are non-transferable.

Assessment Data Handling

Assessment data — biometric snapshots, voice recordings, reference photos, dossiers — is sensitive. Skolarli treats different categories with different retention rules to balance integrity and privacy.

Snapshots & Audio Recordings

Webcam snapshots and audio chunks captured during proctored assessments are retained for 15 days by default. After 15 days, they are automatically purged from our systems. Customers may request extended retention in writing for compliance, audit, or dispute resolution purposes — with the legal basis for the extension documented.

Reference Photos

The reference photo captured during liveness verification at the start of an assessment is retained alongside the candidate's session record for the lifetime of the customer's account, unless explicit deletion is requested.

Candidate Dossiers

Assessment results, scores, evaluator notes, AI-assisted summaries, and final candidate dossiers are retained for the lifetime of the customer's account, unless deletion is explicitly requested. Dossiers form the auditable hiring trail and may be required for regulatory review (anti-discrimination compliance, hiring audit defense).

Violation Logs

Trust score violations, anti-cheat events, and the snapshots associated with them are retained alongside the dossier for as long as the dossier itself is retained. This ensures the dossier remains a complete and defensible record.

Storage & Encryption

All assessment data — snapshots, audio chunks, reference photos, dossiers, and violation logs — is encrypted at rest using AES-256, isolated per customer tenant, and accessible only through narrowly-scoped service principals with audited access. Assessment biometric data is never used for any purpose other than proctoring integrity, and is never shared with AI training pipelines or external services.

Trust Score & Audit Trail

Every proctored assessment session produces a trust score on a 0–100 scale. The score begins at 100 and is reduced when integrity events occur, with deductions weighted by event severity:

1. Low severity (e.g., brief tab-switch, minor environment change): −2 points per event
2. Medium severity (e.g., repeated tab-switches, voice anomaly): −5 points per event
3. High severity (e.g., multiple faces detected, prohibited object detected): −10 points per event
4. Critical severity (e.g., face mismatch, environment escape attempt, AI tool access): −20 points per event

The trust score appears on the candidate's dossier alongside skill scores. It is not a pass/fail signal — it is an integrity context indicator. A high skill score with a low trust score gives the hiring manager information they would otherwise lack.

Audit Trail

Every assessment session generates a complete audit trail: timestamps for session start and end, every snapshot captured, every violation detected (with the contextual snapshot, audio segment, or event metadata), the reference photo, the liveness verification result, and the final scoring. This audit trail is preserved alongside the dossier and is available for export by Account Owners for compliance review or hiring decision defense.

Corporate Security

Employee Security Training

All Skolarli employees complete security training during onboarding and annually thereafter. Employees acknowledge our Code of Conduct and Security Policy in writing as a condition of employment. Training covers data handling, incident response, social engineering awareness, and role-specific security expectations.

Background Verification

All new hires undergo background verification appropriate to the role and the level of access to customer data the role requires. Roles with access to production systems have additional verification requirements.

Internal Security Audits

Skolarli conducts internal security audits at least annually. Audits cover access reviews, vulnerability assessments, configuration drift detection, and incident response readiness. Findings are tracked through resolution.

Incident Response

Skolarli maintains a documented incident response process covering detection, containment, eradication, recovery, and post-incident review. Critical security incidents trigger notification to affected customers within timelines aligned with applicable regulatory requirements (DPDP Act 2023, GDPR where applicable).

Product Security Features

Domain Management

By default, Skolarli applications are accessed via a subdomain on skolar.li. Customers can configure a branded subdomain pointing to our application (e.g., training.yourcompany.com can be CNAME-mapped to yourcompany.skolar.li). Each tenant's data is segregated by subdomain. Subdomains are managed through Cloudflare for DNS resilience and DDoS protection.

Tenant Isolation

Skolarli is architected for multi-tenant isolation. Each customer's data is logically segregated at the database level, and every API endpoint enforces tenant scoping. A tenant cannot access another tenant's data, users, content, or assessment records, regardless of the access path.

Single Sign-On (SSO)

SSO via SAML 2.0 and OAuth 2.0 is available for enterprise customers, allowing identity to be managed through the customer's existing identity provider. SSO integrations support standard providers (Okta, Azure AD, Google Workspace) and any compliant SAML/OAuth provider.

Audit Logs for Customers

Account Owners and administrators have access to audit logs of activities within their tenant: user logins, content creation and modification, assessment events, and administrative changes. Logs can be exported for compliance review.

Related Policies

This Security Practices page describes our operational security controls. For related commitments, see:

1. Privacy Policy — How we collect, use, share, and protect personal data, including the full list of data processors and your rights under the DPDP Act, 2023.
2. Terms & Conditions — Our Service Level Agreement (99.5% uptime), incident response commitments, and the legal framework governing our services.

Reporting Security Concerns

If you believe you have discovered a security vulnerability in any Skolarli product or service, or if you have questions about our security practices, please contact us:

For responsible vulnerability disclosure, please provide a clear description of the issue, steps to reproduce, and the affected component. We commit to acknowledging valid reports within 48 hours and to keeping you informed throughout the resolution process.