LinkIt relies on the expert counsel and experience captured in the cybersecurity frameworks listed in the table below to develop its data security policies and practices. These frameworks are recommended by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Student Data Privacy Consortium (SDPC), and other industry and government leaders. By conforming to the controls described in these frameworks and their supplementary material, LinkIt meets the objectives for K-12 data security and privacy assurance as outlined by international, federal, state, and local organizations.
Data security and privacy at LinkIt is not a “one and done” exercise. We review and update our policies annually to align with changing requirements–and improve our processes in response to changing technology and threat environments. Where possible, we leverage inherited controls by contracting with SOC2-compliant service providers to make our technical infrastructure more resilient without compromising business productivity or product value (as perceived by our client districts).
We will initiate self-assessments against the Secure Software Development Framework (SSDF) and ISO/IEC 27001:2022 in the fourth quarter of 2024.
Maintaining Organization
Framework
U.S. National Institute of Standards and Technology (NIST)
NIST Cybersecurity Framework (CSF) - Version 1.1 & 2.0
U.S. National Institute of Standards and Technology (NIST)
NIST Special Publication 800-171r3
International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC)
ISO/IEC 27001: 2013 (since 2016)
ISO/IEC 27001: 2022 (planned)
Center for Internet Security (CIS)
CIS Critical Security Controls (CISv8)
U.S. Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S))
Cybersecurity Maturity Model Certification (CMMC) 2.0, Level 1
All rights reserved
Copyright © 2024 LinkIt!