This article is intended to provide an overview of the information security related aspects of the Aperian Global GlobeSmart® Learning Platform (GlobeSmart) which includes GlobeSmart Culture Guides, the GlobeSmart Profile, Learning Modules, and Assessments.
The website can be found at https://globesmart.aperianglobal.com.
Personal Information (PI) Collected by Aperian Global
This website collects minimal personal information (PI), not generally considered as sensitive. No financial, health-related (HIPAA) information or GDPR special categories are collected.
For a complete list of PI collected, see question number 3 below.
GlobeSmart is an online learning platform that helps individuals explore business topics related to over 95 cultures, so that they can work more effectively with people from different cultures. The GlobeSmart Profile is a cultural inventory that helps individuals discover their preferred work style. It is not meant to be a predictor of success or a tool to select any individual for a role or an assignment.
GlobeSmart Learning Modules are linear, self-paced courses where users can learn about improving global collaboration, promoting diversity and inclusion, or developing a global mindset.
Assessments include survey interactions that result in scores and individual feedback reports on teamwork, leadership, cultural knowledge, and inclusion.
GlobeSmart is licensed by over 170 global organizations (10% of Global Fortune 100 companies) and leveraged in our work with more than 30% of the Global Fortune 100, spread across industries and geographies. Many of our clients have stringent information security policies and have approved GlobeSmart for use in their organizations.
Frequently Asked Questions
Below are Frequently Asked Questions related to information security of the GlobeSmart Learning Platform (GlobeSmart). Should you have any specific questions, please contact your Aperian Global Account Manager or GlobeSmart Engagement Manager.
1. What are the minimum browser and system requirements for the GlobeSmart Learning Platform?
Users would need to register on http://globesmart.aperianglobal.com and continue to access this link by logging into their individual user accounts that are linked to the corporate account.
To access the link, the users’ computers need to be able to access the internet.
- Internet Speed/Bandwidth requirement of 768 kbps
- Pop-Up blockers should be disabled.
- Processor: Pentium 3 or better
- Minimum 256mb RAM
- Browser: The latest versions of internet browsers are supported, including Google Chrome, Safari, Mozilla Firefox, and Microsoft Edge
- If not using a single-sign on solution (SSO), users need a valid email address
2. Security and Location of Services
Service is primarily provided from the Aperian Global office in Raleigh, North Carolina, U.S. Colleagues in our Oakland, California, U.S. and our Bangalore, India office also provide service.
Aperian Global’s applications are hosted on state-of-the-art, high-security data centers located in the U.S. as follows:
- GlobeSmart Learning Portal (https://globesmart.aperianglobal.com) on Amazon Web Services (AWS)
- Aperian Global Learning Portal (https://learning.aperianglobal.com) on Google Cloud Platform (GCP)
These cloud providers security information can be viewed here:
Application Subprocessor List
Application Platform Components
3. What personal information is gathered by the GlobeSmart Learning Platform?
GlobeSmart requires the following personal information to create and register an account:
- Email address
- First and Last name
- IP address - this data is collected automatically
GlobeSmart users may respond to demographic questions to include their home culture and job type in their GlobeSmart Account Settings. Demographic questions are optional and each drop-down menu includes an “I choose not to respond” option.
4. Who has access to users' personal information?
Aperian Global software developers have access to the database of user data for the purpose of site development, operation, maintenance, and troubleshooting issues. Aperian Global Technical Support Agents and Product Development team members have limited access to user records in order to provide customer support.
5. Data Protection
- How do you protect employees email addresses and other employee data on your servers?
- Aperian Global’s networks and servers are protected by firewalls, load-balancers, antivirus, and other industry standard best practices for data security.
- As users access the system, individuals select their own password at registration. The encrypted passwords are saved in the encrypted databases. Access is granted by email and password unless the Single Sign On (SAML) option has been enabled.
- How do you protect employees email addresses and other employee data during transmission and at rest?
- All server connections are over HTTPS/TLS (SHA256withRSA). Our web site receives an A+ security rating from SSLLabs, which you can view here: https://www.ssllabs.com/ssltest/analyze.html?d=globesmart.aperianglobal.com
- Databases and backups are encrypted via AWS RDS/AES-256 encryption.
- Are logins to the application being recorded in a log (connection data)?
- Please comment on the deletion of data, in case of termination or expiration of the agreement.
- If the client wishes to renew the account after 6 months time, they will be treated as a new company (since no data will exist in our system).
- We can delete client and associated users information sooner upon written request by client.
- What ports does GlobeSmart use?
- Port 443 (TLS)
6. What are the application's password requirements?
The application's password requirements are: passwords must have a minimum ten (10) characters; utilize lowercase (a-z), upper case (A-Z), numbers (0-9) and special characters (!@#$%^&*); and contain no more than 2 identical characters in a row. Additionally, users are not allowed to re-use any of their last 5 passwords. Accounts are locked after 10 unsuccessful login attempts.
Sessions timeout after 30 minutes of idle time and the user must login again to begin a new session.
7. General Legal inquiries
- In addition to careful hiring, we conduct criminal background checks on all employees with access to client data including access to the backend of GlobeSmart and related systems.
8. Security Breaches and Notifications
- Does Aperian Global have a defined communication plan for any outages, data loss, and/or other unplanned event or outage?
- We do have a communication plan and also handle these situations on a case-by-case basis.
- Does Aperian Global run data back-ups?
- Data backups are as follows: daily incremental, weekly full. Database transactions hourly. Backups are stored on-site for 30 days.