Actively Protecting Student Information & School Data

Accessing school and student information via the Internet is a powerful feature but it comes with security concerns.

Data Segregation: Logical Separation of Customer Information

Data in the SchoolFront school management system (SMS) is segmented using multiple constructs, for example District, School, School Year, Role, and User.  Your school would likely exist as a single-school district in the system.

All data returned (displayed) by the system for a given user is filtered on at least one, if not all of, the following unique segmentations: DistrictID, SchoolID, YearID, RoleID, UserID. The following is true of security and data segmentation in the SMS):

• Only people with a username and password can access ANY information in the SchoolFront (SMS).

• All users only have access to the district in which their user record was created.

• When a customer first begins licensing SchoolFront, the SchoolFront team enables access for only the district’s designated system administrator(s)—i.e. those with the highest level of system clearance.

• Only system administrator(s) can grant system access to others in the district. SchoolFront personnel refer all others requesting system or information access for a given district to the system administrator(s) of that district. This includes access requests from other district/school staff members, parents/guardians, students, etc.

• All users only have access to the school(s) and school year(s) in the district to which they have been granted access by the system administrator(s).

• Roles can be added and removed from users by system administrators. A user can have multiple roles in the system and can toggle between the roles without logging out and into the system.

• All users only have access to the information and functionality granted by their role(s) in the system.

• There are multiple school staff roles which grant variable levels of access to the staff user (e.g. teacher, administrator, discipline, health/medical, admissions, etc.)

• The “family” role allows the user with the role to only view the information of the student(s) linked to the user as “children” (i.e. parents/guardians can only see the information of their child or children in the system).

The “student” role allows the user with the role to only view his/her own information. 

Student & School Privacy & Data Integrity

The privacy of SchoolFront users and the integrity of school data are of the utmost importance to us at SchoolFront. For security reasons only an appointed member of a school's administrative staff can grant anyone access to SchoolFront or the information within.

This means that even members of the Support Team Staff at SchoolFront are not permitted to grant anyone access to the system.

Therefore if users experience any difficulty accessing or using SchoolFront, or if someone would like another member of a student's family to be given access to the system, they must go through  an appointed gatekeeper at the school.

Initial administrators are added by the SchoolFront Support Team.  All future user management is completed by the school.  Authentication settings included session length, password strength and the ability to disable a user’s access to SchoolFront.

Data Encryption

Data is encrypted in motion using SSL.  Certain data is encrypted at rest including user data.  All off-site backups are encrypted.

Physical Security & System Monitoring

FrontEdge Inc. employs data protection and security best practices in the maintenance of the SchoolFront system. Many schools and districts do not have the security resources required to monitor and deploy a secure solution the way FrontEdge Inc. does.

SAS70 Compliant Data Center & 24 x 7 System Monitoring

FrontEdge Inc. houses the SchoolFront hardware in an SAS70 compliant data center where the system is protected via secure network hardware and 24 x 7 monitoring, which prevents intrusions.

Click on an item on the left for more information.