menu opener

PowerSchool Leads Education Technology Industry in AI Security with Rigorous Penetration Testing and Continuous Improvement

Through comprehensive red teaming and Responsible AI guardrails, PowerSchool sets the gold standard for secure AI implementation in education technology

FOLSOM, CA – July 24, 2024 – PowerSchool (NYSE: PWSC), a leading provider of cloud-based software for K-12 education, announced today its latest investment in practice measures to fortify its systems and AI security by enlisting an independent third-party security service provider, to perform AI penetration testing (also known as Red Teaming) of PowerSchool’s AI assistant, PowerBuddy™. Conducted by a professional team of highly skilled AI security experts, the testing went beyond mere adherence to industry standards. It involved rigorous tactics using adversarial simulations, bolstering the security of PowerSchool products, layering in all of PowerSchool’s defense measures establishing a cadence to continuously assess and enhance PowerSchool’s security protocols.  

The assessment demonstrates PowerSchool’s alignment to the Open Web Application Security Project (OWASP) Top 10 LLM recommendations and vendor best practices. 

A recent survey of school IT professionals found that 80 percent of schools across 14 nations – including the U.S. – had been the victims of ransomware attacks in 2022 and that K-12 education was the single most targeted industry. 

“Now more than ever, stringent data security in AI-powered innovation is paramount to safeguarding sensitive customer data, ensuring privacy, maintaining trust, complying with regulations, preventing breaches, upholding ethical standards, and ensuring operational continuity,” said Rich Gay, Chief Information Security Officer and Vice President of Development at PowerSchool. “By embracing OWASP’s industry-leading best practices of red teaming for PowerBuddy, we strengthen our cybersecurity measures and ensure maximum protection of user data, proudly setting new standards for rigorous controls across education technology.” 

PowerSchool has also heavily invested in optimizing PowerBuddy’s capabilities for K-12 by implementing safeguards for content safety, detecting and protecting Personally Identifiable Information (PII), identifying and addressing biases and hallucinations, alerting educators about time-sensitive issues like self-harm, and ensuring responses are age and grade appropriate. These measures also include district-level controls and additional features to support secure and responsible usage. 

Unlike other AI vendors and solutions that require pushing data to external platforms, PowerBuddy operates on PowerSchool’s secure Data-as-a-Service platform called Connected Intelligence which brings AI to district’s data. This unique approach ensures that sensitive student data remains within a secure, district-controlled, environment that offers stringent data governance, security, and privacy controls to minimize risks associated with third-party data handling. 

PowerSchool’s proactive approach not only enhances overall cybersecurity readiness but also fosters trust among students, parents, and educators by demonstrating a commitment to safeguarding sensitive information. 

Commitment to the Highest Standards 

PowerSchool’s substantial investment in advanced security technologies, such as static and dynamic code scanning, top-tier Web Application Firewalls, and over 30 annual penetration tests, underscores its commitment to unparalleled protection. As a signatory of the Student Privacy Pledge 2020, PowerSchool complies with all relevant regulations and independently verifies its security management system annually, achieving ISO:27001 and SOC2 Type 2 certifications. PowerSchool has also joined the White House H-12 Education Technology Secure by Design Pledge and collaborates with COSN on the K-12 Community Vendor Assessment Tool, while partnering with 1EdTech to ensure industry standards and data privacy best practices. PowerSchool products are certified as TrustEd Apps by 1EdTech. 

Test reports and associated documents are available to customers upon request. For more information on PowerSchool’s security, visit https://www/powerschool.com/security/.   

About PowerSchool

PowerSchool (NYSE: PWSC) is a leading provider of cloud-based software for K-12 education in North America. Its mission is to empower educators, administrators, and families to ensure personalized education for every student journey. PowerSchool offers end-to-end product clouds that connect the central office to the classroom to the home with award-winning products including Schoology Learning and Naviance CCLR, so school districts can securely manage student data, enrollment, attendance, grades, instruction, assessments, human resources, talent, professional development, special education, data analytics and insights, communications, and college and career readiness. PowerSchool supports over 55 million students in more than 90 countries and over 17,000 customers, including more than 90 of the top 100 districts by student enrollment in the United States. Learn more at powerschoolstg.powerschool.com.

© PowerSchool. PowerSchool and other PowerSchool marks are trademarks of PowerSchool Holdings, Inc. or its subsidiaries. Other names and brands may be claimed as the property of others.

 

Ready to Connect?

Let’s discuss your priorities and how we can support your organization’s goals.