September 10, 2025
PRIVACY & SECURITY
If you woke up this morning and couldn't access your banking app, send a Snapchat, or check your Ring doorbell, you weren't alone. A massive AWS outage in US-EAST-1 brought down dozens of major platforms.
Here's what should embarrass everyone affected: AWS offers multi-region deployment strategies. Companies that went down today chose to put all their eggs in one basket. That's not enterprise software, that's a single point of failure with a fancy “UI”.
The Template Problem
Many proctoring companies that popped up during the pandemic appear to have used the same AWS template for virtual proctoring. Nothing wrong with templates, but shipping the template as your product is “different.”
What's worse is what some do with the data. From The New York Times about Honorlock: “When something like that happens, Honorlock tells Amazon's engineers. They take our real data and use it to improve their A.I.,” said Smith.
Excuse me? Student data, exam recordings, faces, behaviors, sent to Amazon to train AI models. At Proctorio, we've been clear about privacy since 2013: we don't sell data, we don't share it with AI companies, and our end-to-end encryption means we couldn't even if we wanted to.
Shortcuts compound. If you're using a basic AWS template and feeding student data back to Amazon, what happens when that single region goes down? We know, your service goes offline. (Check their status pages: Respondus, Honorlock)
How We Built for Resilience
When you're in the business of exam integrity, downtime can derail a student's career. The infrastructure has to work. That's why we built Proctorio with paranoid redundancy across three layers:
DNS Redundancy
Remember the 2016 Dyn DNS attack? A massive DDoSbrought down Twitter, Netflix, Reddit, PayPal for hours.
We deploy multi-DNS using both Azure DNS and Constellix DNS. If one gets hit, traffic routes through the other. No single DNS provider can take us offline.
SSL Certificate Strategy
Proctorio uses three different SSL providers with staggered renewal and expiration dates. If one certificate expires or a root certificate gets compromised, we immediately swap to an already-valid certificate from another provider. Zero downtime.
We've also moved to shorter-lived certificates, aligning with the CA/Browser Forum's approved plan to reduce certificate lifespans to 47 days by March 2029. The timeline: 200 days by March 2026, 100 days by March 2027, 47 days by 2029. Apple's proposal passed unanimously.
Why? Shorter lifetimes reduce vulnerability windows and force automation. We're already there.
Multi-Cloud Infrastructure
Proctorio deploys across 26 regions worldwide, with primaries and redundancies in Azure, Cloudflare and AWS. Yes, we use AWS, but as one component of a multi-cloud architecture, not a single point of failure. See our full sub-processor list.
When AWS US-EAST-1 went down today, Proctorio kept running. Students kept taking exams. That's not luck, that's enterprise architecture.
What to Ask Your Vendors
If your service went down today, ask hard questions:
Did they choose single-region to save money?
If they cut corners on infrastructure, what else did they cut?
Do they have automated failover?
Is this actually enterprise software?
Enterprise means redundancy isn't an upsell, it's table stakes. Enterprise means every component will fail eventually, and you've planned for it.
We've been carbon negative since 2018. Never taken VC money. We're in this for the long haul. And part of that is building infrastructure that doesn't become someone else's problem when a cloud provider throws up.
Today's outage will fade from headlines. Most companies will quietly go back to single-region architectures because fixing this is hard and expensive. But if you're vetting vendors, ask to see architecture diagrams. Ask about DNS failover. Ask what happens when their primary region goes down. Ask if they are truly enterprise grade software.
Because in 2025, hoping isn't a strategy. Building resilient, redundant, paranoid infrastructure is.
Your students deserve better than a blank screen and an apology email.
