Successful partnerships are built on trust. Apptegy earns the trust of our clients by ensuring Thrillshare delivers industry-leading security, privacy, accessibility, and performance. Thrillshare, the first-of-its-kind K12 publishing platform, is the single pane of glass behind which Apptegy’s innovative products are administered. Thrillshare is a cloud-based software application housed in Amazon Web Services (AWS).
Trusted by 4,500+
school districts, schools, and cities.
Security and Performance
Apptegy follows the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF)
Apptegy maintains security and compliance certifications and assessments, including SOC2 Type 2
99.9% Uptime
ADA and WCAG Accessibility
Thrillshare enables WCAG 2.1 compatible website development
Your partner in ongoing ADA accessibility
Data Privacy
Thrillshare is an iKeepSafe Certified platform
FERPA Certified
COPPA Safe Harbor
California Student Privacy Certified (CSPC)
Security and Performance
Apptegy’s in-house Security Team leverages their collective expertise, focus, and diligence to ensure Thrillshare remains secure, fast, and available. In addition to building and maintaining our platform based on the NIST CSF, with compliance documented in our annual SOC 2 Type 2 report, our Security team addresses security at every layer of our application infrastructure:
Use industry-leading and accepted technologies
Limit access to all client sites to the bare minimum geo IP regions necessary and block all bad actor IP addresses from previous attacks
Use a reverse proxy to secure and scale via
Rate and connection limiting protections
Caching frequently accessed content to optimize performance
24/7 monitoring of all incoming traffic through the web application firewall, identifying potentially malicious IP ranges, blocking and mitigating threats as necessary
Multiple layers of automated monitoring and defense responses, including automated threat escalation to our Security Team, who monitor and respond to threats as necessary
Post-attempt analysis by our dedicated Security team to identify and implement additional mitigations (if applicable) to prevent any future attacks of a similar nature from affecting our sites
ADA and WCAG Accessibility
We believe that at the heart of online accessibility is usability and inclusion. Apptegy has never seen accessibility as an obligation, but rather, as an opportunity to address usability from every dimension and above all, ensure inclusion.
As Apptegy endeavored to create a world-class platform for identity and brand management, we developed our own internal standard we refer to as "access equity" - singularly focused on inclusion.
Recently, the U.S. Department of Justice (DOJ) established updated Americans with Disabilities Act (ADA) Title II rules regarding web content and mobile app accessibility, requiring compliance with the technical standards set forth in Web Content Accessibility Guidelines (WCAG), version 2.1, Level AA. However, well before the DOJ released it's updated rules, Apptegy had already embraced the WCAG 2.1 A & AA standards, developing and building our products with an eye toward helping enable our clients' accessibility compliance.
Apptegy is constantly pursuing opportunities for ensuring access equity and the evolution of accessibility from a product deliverable to a company deliverable. In addition to developing and building our products based on the WCAG 2.1 Guidelines, we are proud of our thought leadership as trusted partners to our clients, making accessibility a pillar of our training and support. Our commitment to access equity will be felt in every partnership we undertake.
Data Privacy
The privacy of our clients personal or other sensitive information is very important to us, and we appreciate your right to understand the measures we take to protect it. Here are just some of the highlights of what we do to help ensure your information remains private and secure.
Data Hosting and Encryption. We store clients' data in secure AWS servers in the US or Canada (depending on the location of each client). Data is encrypted in-transit and at rest using advanced 256 bit (AES) encryption. Our encryption methods comply with SOC2 requirements.
Data Minimization. We use the least amount of data possible to accomplish the intended business processes. Throughout our partnership, if we detect unexpected or sensitive data elements, such as dates of birth (DOB) or Social Security numbers (SSN), we actively engage and work with our clients to remediate the issue.
Data Use and Retention. Our policies addressing data use and retention are SOC-2 approved and vetted. We only request from clients the data we need to provide our services, and we only use their data for that purpose. At any time during a client's contract (including contract end date), Client's may request the return or deletion of their data stored by Apptegy.