← All documents
Public Security Updated July 11, 2026

Incident Response

How we detect, contain, investigate, and communicate security incidents — with a 72-hour notification commitment.

Impact Suite maintains a documented, tested incident-response program designed to rapidly detect, contain, investigate, and remediate security events while keeping affected agencies informed.

Detection (24/7)

  • Automated monitoring via AWS CloudWatch — unusual access patterns, failed authentication, configuration changes, and traffic anomalies.
  • Security-event logging — authentication, privileged-account activity, data access, administrative actions, and API usage.
  • Anomaly detection and real-time alerting, plus employee and customer reporting channels.

Four-phase response

  1. Detection & initial response (0–2 hours) — leadership notified, preliminary assessment, severity classification (Critical/High/Medium/Low), and tracking.
  2. Containment (2–24 hours) — prevent further access, isolate systems/accounts, preserve evidence, assess impact.
  3. Investigation & eradication — forensic analysis, root-cause identification, timeline reconstruction, threat removal, and patching.
  4. Recovery & post-incident — restoration from secure backups, a post-mortem within 30 days, and security improvements.

Breach notification

We notify affected educational agencies within 72 hours of confirming a security incident involving personally identifiable information or student data. Notification includes the incident description and timeline, data categories affected, number of individuals affected, and containment/preventive actions. Individuals and regulators are notified where legally required.

Backup & recovery

Daily automated backups (30-day retention), encrypted and geographically distributed; Recovery Time Objective of 4 hours for critical systems and a Recovery Point Objective of 24 hours; multi-region AWS architecture with a 99.9% uptime target.

Testing

Annual tabletop exercises validate detection, team coordination, notification, technical response, and evidence collection.

To date, Impact Suite has not experienced a confirmed security breach involving unauthorized access to, or disclosure of, student data or personally identifiable information.