Over six thousand companies in more than 90 countries use BlinkExam, software, services and support to transform the way they hire, reskill and assess test-takers.
Our products and services are empowering our clients with world-class assessments. However, providing a safe and trustworthy data storage environment is the key to our success.
Your Data Security Is Our Highest Priority
Our Compliances
BlinkExam Is ISO 27001:2013 Compliant
- We deploy AWS CloudWatch to monitor all events in AWS where our products are hosted.
- We possess all controls related to secure development, encryption and key management.
- The development of the products is in line with secure development standards mandated by various security organizations such as NIST and SANS.
BlinkExam Is ISO 9001:2015 Compliant
- BlinkExam has built a framework to ensure consistent quality of services.
- We have focused on robust improvements in the standard process approach.
BlinkExam Is ISO 20000:2018 Compliant
- BlinkExam has built a framework to ensure consistent quality of services.
- We have focused on robust improvements in the standard process approach.
BlinkExam Is Fully GDPR Compliant
- Our policies and processes adhere to GDPR principles of Data Subject Rights, their PIIs, collection and storage and PII processing and retention.
- We review our policies and processes annually or when a change is required because of regulations.
Data Storage
Data Hosting on AWS
Our data is hosted on Amazon Web Services, one of the most secure cloud computing environments available on the market.
Localized Servers
We have localized data storage in Europe | China | India
Data Encryption
Data Encryption in Transit
Critical data exchanged between test-takers and BlinkExam over the network is encrypted at the column level in RDS. This mechanism provides added security to sensitive data such as question text, ensuring that it cannot be read by human eyes to safeguard against any breach.
- Data exchanged over the network between test-takers and an invigilator is secured and encrypted via HTTPS (256-bit SSL encryption).
- We enable a security protocol of TLS1.2 to support the secure transmission of HTTP calls.
Data Encryption at Rest
Databases, where personal information, exam records and other sensitive details of candidates and clients are gathered, are stored in an uncompromisable maximum security storage environment.
- We never barter or sell any information to outside partners
- We do not use stored data for marketing interests
- For endpoint access, we offer various authentication combinations to address any vulnerability
The most critical data, such as a question set, is also encrypted in a way that BlinkExam employees managing the assessment cannot view it. Only an authorized admin can view it.
Testing Protocol
Penetration Testing
- BlinkExam engages with external parties for penetration testing annually.
- We also undertake network penetration testing annually.
- External partners are involved in delivering unbiased test reports and analyses annually.
Vulnerability Scanning
- BlinkExam conducts vulnerability assessments that are assisted by internal experts and external partners.
- We undertake third-party network and application vulnerability tests annually.
- Additionally, we run defined tools daily to discover any application vulnerability.
Malware Safety Protocols
BlinkExam Has adopted Top-Notch Data Security and Virus Protection Standards Practiced Pioneering The Future
VAPT and Patch Management System
- We run best-in-class Vulnerability Assessment and Penetration Testing (VAPT) programs.
- Our VAPT programs deal with Ransomware, Botnet and other related threats.
IT Systems Security
- We have installed stringent data safety and antivirus software on all employee devices.
- We run the most secure authentication processes on all our laptops and desktops.
Audit Reports
BlinkExam performs an internal audit for all departments once every six months
01. Web Application Penetration Testing
We achieved a VAPT report with the closure of ‘critical,’ ‘high,’ and ‘medium’ vulnerabilities.
03. NIST – Cyber Security
We follow NIST to secure the devices and BlinkExam set up to ensure security according to the latest threats.
05. Qualys
All ‘critical’ and ‘high’ category vulnerabilities were closed by implementing the Patch Management Policy.
02. White Hat Application Scan
Application-level changes are planned in phases with secure versions to avoid any threats in the future.
04. Network Assessment and Penetration Testing
We successfully closed ‘critical,’ ‘high,’ and ‘low’ category vulnerabilities diagnosed for the external network test report for AWS setup.
Choose Talent Assessments to Better Assess Your Employees & Students
Get 30 days free when you sign up now.
