top of page

Information Security Policy

Effective Date: May 27, 2026

Last Updated: May 27, 2026


1. Introduction

This Information Security Policy defines the security framework, controls, and practices used by Digitus Network LLC to protect the confidentiality, integrity, and availability of systems, platforms, applications, data, and educational services operated globally.


This policy applies to all employees, contractors, educators, administrators, partners, students, and third-party service providers who access or process information systems or data belonging to Digitus Network LLC.


2. Security Objectives

Digitus Network LLC is committed to:

  • Protecting student, parent, teacher, and institutional data

  • Ensuring secure operation of all educational platforms

  • Preventing unauthorized access, disclosure, or modification of data

  • Maintaining continuous availability of learning systems

  • Complying with applicable global security and privacy regulations


3. Scope

This policy applies to:

  • Learning management systems and portals

  • School systems and administrative platforms

  • Websites and web applications

  • Mobile applications

  • AI-powered educational tools

  • Communication systems (chat, email, video conferencing)

  • Internal corporate systems

  • Cloud infrastructure and hosted environments

  • Third-party integrations used for education delivery


4. Security Governance

Security responsibilities are distributed across:

  • Executive leadership (overall accountability)

  • IT and engineering teams (technical implementation)

  • Security and compliance personnel (monitoring and enforcement)

  • School administrators and institutional partners (local enforcement where applicable)

All personnel must adhere to security policies as a condition of access.


5. Access Control

5.1 Principle of Least Privilege

Users are granted only the minimum level of access required to perform their role.

5.2 Authentication

Systems must enforce secure authentication practices, which may include:

  • Strong password requirements

  • Multi-factor authentication for administrative accounts

  • Session timeout controls

5.3 Account Management

  • Accounts must not be shared between users

  • Access must be revoked promptly upon role change or termination

  • Institutional administrators may manage student accounts under approved agreements


6. Data Protection

Digitus Network LLC implements safeguards to protect sensitive data, including:

  • Encryption of data in transit using industry-standard protocols

  • Encryption of data at rest where applicable

  • Segmentation of sensitive systems

  • Secure storage of educational and personal records

Sensitive data includes student records, assessment data, identity information, and communication content.


7. Network Security

The organization maintains network protections including:

  • Firewalls and intrusion detection systems

  • Secure network architecture design

  • Monitoring of network traffic for anomalies

  • Segmentation of internal systems from public-facing systems


8. Application Security

All software systems must follow secure development practices, including:

  • Secure coding standards

  • Regular code reviews

  • Vulnerability testing

  • Dependency management

  • Protection against common web vulnerabilities


9. Cloud and Infrastructure Security

Digitus Network LLC systems may operate in cloud environments provided by third-party vendors.

Security requirements include:

  • Secure configuration of cloud resources

  • Access logging and monitoring

  • Data isolation controls

  • Vendor compliance with recognized security standards


10. Monitoring and Logging

Security-relevant activities may be logged and monitored for:

  • Threat detection

  • Incident response

  • System integrity verification

  • Abuse prevention

Logs are protected from unauthorized access and retained according to data retention policies.


11. Incident Response

Security incidents are handled through a structured response process:

  1. Detection and identification

  2. Containment of the incident

  3. Investigation and analysis

  4. Remediation and recovery

  5. Post-incident review

Incidents may include data breaches, unauthorized access, malware infections, or system compromise.


12. Vulnerability Management

Digitus Network LLC performs regular security assessments, including:

  • Vulnerability scanning

  • Patch management

  • Security updates and remediation

  • Risk prioritization based on severity

Critical vulnerabilities are addressed promptly.


13. Third-Party Security

Third-party vendors and service providers (including cloud services, payment processors, and communication tools) must meet appropriate security standards.

Third parties may be required to:

  • Maintain security certifications or equivalent controls

  • Sign data protection agreements

  • Implement appropriate safeguards for student data


14. Endpoint and Device Security

Devices used to access systems must be protected against unauthorized access.

Security expectations include:

  • Use of secure devices for administrative access

  • Up-to-date software and security patches

  • Protection against malware

  • Secure configuration of endpoints


15. Remote Access

Remote access to systems must be secured using approved authentication methods and encrypted connections.

Unapproved remote access methods are prohibited.


16. Security Awareness and Training

All personnel must receive appropriate security training, which may include:

  • Phishing awareness

  • Data protection practices

  • Incident reporting procedures

  • Safe handling of student data


17. Physical Security

Where applicable, physical access to systems and facilities is restricted to authorized personnel only.

Measures may include:

  • Secure facility access controls

  • Visitor logging and supervision

  • Device protection in physical environments


18. Backup and Recovery

Systems are backed up regularly to ensure continuity of educational services.

Backup systems are:

  • Protected against unauthorized access

  • Tested periodically for recovery integrity

  • Stored securely in controlled environments


19. Business Continuity

Digitus Network LLC maintains continuity planning to ensure services remain available in the event of disruptions.

Plans may include:

  • Disaster recovery procedures

  • Redundant systems

  • Emergency operational procedures


20. Data Classification

Information is classified based on sensitivity:

  • Public

  • Internal

  • Confidential

  • Restricted (including student records and sensitive educational data)

Handling requirements vary by classification level.


21. Compliance

This policy is designed to support compliance with applicable laws and standards, including but not limited to:

  • International data protection regulations

  • Educational privacy laws

  • Industry security standards


22. Policy Enforcement

Violations of this policy may result in:

  • Loss of system access

  • Disciplinary action

  • Contract termination

  • Legal action where applicable


23. Policy Updates

This policy may be updated periodically to reflect changes in technology, legal requirements, or operational needs.

Continued use of systems constitutes acceptance of updates.


24. Contact

Security-related concerns should be reported to:

Digitus Network LLC

Email: info@digitusnetwork.com

Address: 1303 S. 6th St, Brainerd, MN 56401, United States

bottom of page