Clever Engineering Blog — Always a Student

privacy

Privacy and Security in Clever Messaging

By Ulzii Otgonbaatar on

Designing and engineering a messaging system that is used by 6.8 million students and  half a million teachers in K-12 schools is no easy feat. While the typical threats  against online systems from unauthorized and unauthenticated access to sensitive information remain, the school environment compounds privacy challenges as additional entities such as guardians, co-teachers, and […]

Securing New Products at Clever

By Alex Smolen on

Clever Goals is a new product that tracks students’ educational software usage. It creates progress data, a new type of data for Clever. This sensitive data needs to be protected from unauthorized access, and users should feel in control over how it’s used. How does the Clever security team make sure that new products like […]

Securing Saved-password Applications

By Alex Smolen on

The password is both a ubiquitous and brittle security mechanism. With the emergence of new security trends like post-quantum cryptography and IoT-botnet attacks, it’s easy to overlook attacks that exploit guessable, reused, or coerced passwords. But the wherewithal among users to use strong passwords and keep them safe is rare. Despite decades of practice, managing […]

Clever Badges & Our Commitment to Security

By Alex Smolen on

Clever Badges makes it easy for K-2 students to log into applications. As with any new feature, we wanted to understand and address any potential security risks before we launched Clever Badges to our users. If we built Clever Badges without thinking deeply about security, it would have been easy to introduce a vulnerability and […]

Open Sourcing our Policies

By Mohit Gupta on

Student Data privacy and security are our foremost responsibilities here at Clever. We invest heavily to ensure that we are improving privacy for schools, students, and teachers, and we make sure that everyone at Clever is constantly working towards this goal. About five months ago, we were made aware of aspects of our privacy policy […]