Security built into every layer
Hundreds of thousands of students and institutions across 180 countries trust Rouxbe with their data. We protect it with industry-standard encryption, hardened AWS infrastructure, and continuous monitoring against recognized security frameworks.
Encrypted in Transit
TLS 1.2+ secures every connection between your browser and our servers.
Encrypted at Rest
All stored data is protected with AES-256 encryption.
AWS Infrastructure
Hosted on AWS with defense-in-depth and least-privilege access.
Continuously Audited
Benchmarked against AWS, CIS, NIST, and CMMC standards.
Your data is encrypted, end to end
We apply strong, industry-standard cryptography at every stage of your data's lifecycle—while it moves across the network and while it sits at rest in our databases and storage.
In transit
Every request to Rouxbe is served over HTTPS. Connections are protected with TLS 1.2 or higher and modern cipher suites, so data exchanged between your device and our servers cannot be read or tampered with in flight.
At rest
Data stored in our databases, file storage, and backups is encrypted using AES-256, one of the strongest block ciphers available and the standard trusted for protecting sensitive information.
Key management
Encryption keys are generated, stored, and rotated using AWS Key Management Service. Keys are isolated from the data they protect and access is tightly scoped and logged.
Hardened AWS infrastructure
Rouxbe runs on Amazon Web Services, inheriting the physical, network, and operational security of one of the world's most rigorously certified cloud platforms—and we layer our own controls on top.
Network isolation
Resources run inside private VPCs with security groups and network ACLs that restrict traffic to only what's required.
Least-privilege access
IAM roles and policies grant the minimum permissions needed, with multi-factor authentication required for administrative access.
Continuous monitoring
AWS Security Hub, GuardDuty, CloudTrail, and Config continuously watch for misconfigurations and suspicious activity.
Resilient backups
Automated, encrypted backups and multi-AZ redundancy keep data durable and recoverable.
Benchmarked against recognized frameworks
We don't just claim to be secure—we measure ourselves against established industry standards. Through AWS Security Hub, our environment is continuously and automatically checked for compliance readiness against the following standards.
AWS Foundational Security Best Practices v1.0.0
A curated set of automated security checks, defined by AWS security experts, that detect when AWS accounts and deployed resources fall out of alignment with best practices across AWS's most popular and foundational services.
CIS AWS Foundations Benchmark v1.4.0
Security configuration best practices for AWS from the Center for Internet Security (CIS). Security Hub automatically checks our compliance readiness against a subset of these requirements.
CIS AWS Foundations Benchmark v3.0.0
The latest revision of the CIS AWS Foundations Benchmark, expanding and updating the configuration best practices we are continuously evaluated against.
NIST Special Publication 800-171 Revision 2
Recommended security requirements for protecting the confidentiality of Controlled Unclassified Information (CUI). Security Hub checks our readiness against a subset of NIST 800-171 R2 requirements.
CMMC Level 1
Foundational cybersecurity practices for safeguarding federal contract information, supporting partners with public-sector and government training requirements.
SOC 2 Type II
In progressAn independent, third-party examination of our controls for security, availability, and confidentiality over time. Our SOC 2 Type II examination is currently underway.
Compliance benchmarks measure our configuration against published control sets via AWS Security Hub; they are part of our ongoing security program and are not, on their own, formal third-party certifications.
Security practices we live by
Strong technology is only part of the picture. We pair it with operational discipline so that security is maintained day to day, not just at launch.
Access control
Role-based access and least-privilege permissions ensure people and systems can reach only the data they need to do their jobs.
Multi-factor authentication
MFA is enforced for administrative and privileged access to our infrastructure and tooling.
Logging & auditability
Activity across our AWS environment is logged via CloudTrail and retained so events can be investigated and audited.
Patching & hardening
Systems and dependencies are kept up to date, and configurations are hardened against the benchmarks above.
Backup & recovery
Encrypted, automated backups and redundant infrastructure protect against data loss and support recovery.
Incident response
We monitor for anomalies and maintain processes to detect, respond to, and learn from security events.
Security & compliance documentation
Review the policies and standards that govern how we collect, use, and protect your data. For anything else, our security team is a message away.
Privacy Policy
How we collect, use, and protect personal data.
View documentTerms of Service
The terms that govern use of Rouxbe.
View documentAccessibility
Our commitment to an accessible platform for everyone.
View documentQuestions about our security posture? Get in touch