IT SECURITY 


& INFRASTRUCTURE
2021

IT SECURITY & INFRASTRUCTURE

01
 01 Introduction
Security, privacy, and reliability are the ground rules of any business. 

At iSpring, we support the security requirements of many industries around
the world, and guarantee that the IT security and compliance needs of all
our clients are taken seriously.

IT SECURITY & INFRASTRUCTURE

This presentation will provide a general overview of how we provide security.

02
 02 Data Security
Privacy and GDPR
Trusted hosting providers

IT SECURITY & INFRASTRUCTURE

Data protection
Employee access
iSpring Certification

03
 Privacy and GDPR
iSpring respects your right to privacy and In this case, the data has to be routed and
understands that while visiting our website, transmitted to be viewed by the end user.

using our products and services, or otherwise

interacting with us, you prefer to control the iSpring acts as both a data controller and a
way your personal information is stored and data processor under the GDPR.

processed.

iSpring has implemented the following

iSpring is committed to protecting requirements under the GDPR, including but
customers’ and end users’ data from not limited to:
unauthorized access. We maintain
compliance with the General Data
A record of our Personal Data
Protection Regulation (GDPR) and help our
processing activities

customers comply with GDPR and other

similar regulations.
Adequate organizational and
technical protection measures

IT SECURITY & INFRASTRUCTURE

We execute Standard Contractual Clauses
Request forms and internal instructions
(SCC) to protect customers’ personal
for Privacy by Design & Default, Data
information if it’s transferred between EU
Portability, and Data Subject Rights,
and non-EU countries (Data Processing
such as the Right to be Forgotten
Agreement). A simple example of such a
transfer would be when your user is
physically located in the US and asks to view
the data while it is being stored in the EU.

04
 Trusted hosting providers
We work only with trusted hosting providers:

Liquid Web (check Liquid Web certifications)

Amazon Web Services (check AWS compliance program)

FirstColo (ISO 27001 certified)

Leaseweb (ISO 27001 certified)

The data of our European clients is stored at AWS (Dublin, Ireland; Frankfurt, Germany),
and processed at FirstColo (Frankfurt, Germany). The contact information of our client
companies and their contact persons is stored and processed at Liquid Web (Lansing, MI).

We store the data of our clients from the US and other regions at Liquid Web (Lansing, MI),
AWS (N. Virginia; N. California), and Leaseweb (Washington, D.C.) – and these data are

IT SECURITY & INFRASTRUCTURE

processed at Liquid Web (Lansing, MI).

Regardless of where your information is stored or processed, we apply the same

protections described in this Policy.

05
 Data protection
iSpring stores data on multiple hosting iSpring Web Services are firewall friendly and
providers to re-route traffic in case of an can be integrated into the network
emergency. We use a secure HTTPS infrastructure of most companies easily.
connection with a firewall to protect our Check out Overview of Security Processes of
customers’ information.
iSpring Web Services to find out more.

iSpring uses real-time backup technologies You can always contact our tech support
to avoid data loss and interruption of service team with any technical issues.
in case of hardware issues.

We at iSpring monitor the performance of

our servers 24/7, including CPU load, RAM
usage, and free space on the drives, so we
can guarantee the efficacy of all our
services.

IT SECURITY & INFRASTRUCTURE

iSpring is continuously implementing the
most up-to-date technologies to provide our
customers with the highest level of
information security. We perform internal
and third-party penetration tests and
monitor our security system for vulnerabilities
on a daily basis.

06
 Employee access
The iSpring team comprises carefully selected trustworthy professionals. We conduct a
thorough background check on every employee who will have access to customer data.
Administrative access is granted selectively and provisionally only to those who have
confirmed business needs.

IT SECURITY & INFRASTRUCTURE

07
 iSpring Certification
iSpring takes customer security very seriously and conducts
third-party audits and certifications regularly to demonstrate its
compliance with international information security standards.

ISO 27001

ISO 27001 is an information security standard that contains best

practices for information security management. Meeting ISO 27001
requirements helps organizations protect their information assets so
they can be considered trustworthy.

Click here to request the documentation

ISO 27701

IT SECURITY & INFRASTRUCTURE

ISO 27701 is an extension of ISO 27001 and ISO 27002 that aims to
reduce risk to the privacy rights of individuals. It adds requirements
to the existing Information Security Management System (ISMS) to
establish, implement, maintain, and continually improve a Privacy
Information Management System (PIMS).

Click here to request the documentation

08
 03 Integrations
Integration via REST/SOAP API
Single sign-on (SSO)

IT SECURITY & INFRASTRUCTURE

Web meeting integration (Zoom and MS Teams)
Support

09
 Integration via REST/SOAP API
An application programming interface (API) lets you integrate iSpring Learn LMS with your
HR system, corporate portal, ERP system, and other systems used by your back office
seamlessly and safely.

An API provides access to most iSpring Learn features, including user identification and
management of users, organizations, content, and accounts. Detailed help docs on REST
and SOAP API will save your developers precious time.

IT SECURITY & INFRASTRUCTURE

10
 Single sign-on (SSO)
With single sign-on, your employees won’t have to constantly type in their LMS password.
If they’re signed on your corporate website or email server, iSpring Learn authenticates
them automatically. No need to enter their details again! For example, you can integrate
iSpring Learn with AZURE AD and Active Directory.

JWT

OpenID

SAML

IT SECURITY & INFRASTRUCTURE

11
 Web meeting integration
(Zoom and MS Teams)
Seamless integration with Zoom and MS Teams meetings allows you to furnish
high-quality live meetings for your learners with HD audio and video, chat, and screen
sharing. Your employees can join the sessions from any device and watch the meeting
recording later if they can’t attend or wish to review.

iSpring Learn automatically invites employees and notifies them about the meeting. Plus,
you’ll get a detailed report that includes who attended the meeting and how much time
they spent in attendance.

IT SECURITY & INFRASTRUCTURE

12
 Support
The iSpring Support Team is ready to help you 24/7.

No chatbots. We offer customers and trial users free live technical support from highly
skilled professionals via chat, phone, and email.

IT SECURITY & INFRASTRUCTURE

13
 03 Summary
We work hard continuously to gain and maintain your trust. iSpring protects all
confidential information from unauthorized disclosure to any third party. To ensure our
clients operate without interruptions, we provide constant data protection, extensive
monitoring, and load balancing. To keep confidential information safe, we use

IT SECURITY & INFRASTRUCTURE

state-of-the-art encryption. Be assured that your data is protected from any and all
security threats while using iSpring products.

14