SECURITY

The Players NIL utilizes Thinkific, a third party site as our online learning platform. We chose Thinkific because they had the experience and reliability to support our prestigious NIL learning academy. We also chose Thinkific because of its robust data security program, described below.

Thinkic’s cloud-based platform is purpose built for the cloud based on fundamental principles of security and privacy. Its platform has implemented a combination of best in class security, privacy and compliance controls to keep The Players NIL, our customers and learners’ connections and data safe.

Thinkific describes its strong security program as follows:
https://www.thinkific.com/security-overview/

DATA SECURITY & PRIVACY CONTROL

Data Centers
Thinkific’s physical infrastructure is hosted and managed within Amazon’s secure data centers and utilizes the Amazon Web Service (AWS) technology as well as the Google Cloud Platform (GCP) technology. Both Amazon and Google continually manage risk and undergo recurring assessments to ensure compliance with industry standards as seen here and here, respectively. Thinkific hosts customer and learner data in the United States.

Access Management, Encryption & Endpoint Security

Access Management

  • Thinkific adheres to the principles of least privilege and role-based permissions when provisioning access; employees are only authorized to access data that they reasonably must handle in order to fulfill their current job responsibilities.
  • Thinkific utilizes multi-factor authentication for employee access to internal systems. VPN multi-factor and SSH are required for accessing the Thinkific Hosted environments.
  • Thinkific employees are required to use an approved password manager.

Encryption

  • Thinkific encrypts data using secure cryptographic algorithms.
  • All data in transit is encrypted using TLS 1.2 or greater.
  • Thinkific leverages AES-256 encryption for data at rest.
  • Key management is in place for all Thinkific encryption keys.

Endpoint Security

  • Thinkific employee endpoints are configured to comply with Thinkific security standards.
  • These standards require all endpoints to be properly configured, updated, and utilize up-to-date Endpoint Protection software, that endpoints employ encryption at rest, have strong complex passwords, and lock when idle.

 

Network Security & System Monitoring

Network Security and Server Hardening

  • Thinkific segments its platform layers into separate networks with restrictive access between layers to protect customer data.
  • Thinkific utilizes separate hosting environments for Staging, Development, and Production.
  • Thinkific hardens its endpoints and services according to industry-standard CIS benchmarks.
  • Network access to Thinkific’s hosting environment is restricted with only load balancers accessible from the Public Internet.
  • Thinkific logs, monitors, and audits all system events, and has alerting in place for events that indicate a potential intrusion or exfiltration attempt.

System Monitoring, Logging, and Alerting

  • Thinkific uses an industry-leading Security Information and Event Management (SIEM) solution to collect, aggregate, and correlate millions of system events a day across Thinkific’s hosting environments to provide Security and DevOps teams with real-time insight into potential security events.
  • Administrative access, use of privileged commands, and system events on all endpoints in Thinkific hosting environments are logged and monitored.
  • Analysis of logs is automated to detect potential issues and alert the Security and DevOps teams.

 

Penetration Testing & Vulnerability Management

Vulnerability Management & Penetration Testing

  • Thinkific tests all code for security vulnerabilities before release and regularly scans its network and systems for vulnerabilities.
  • Thinkific engages a third party service to conduct application and infrastructure penetration tests on a quarterly basis.
  • Results of these tests are prioritized and remediated in a timely manner and shared with senior management.

 

Application Security

Application Security Overview

  • Thinkific’s secure software development life cycle aligns with OWASP best practices.
  • All code changes require peer-review and testing (both manual and automated) prior to promotion to production. No single individual may request and implement changes without a review from several other individuals and all changes are logged and tracked.
  • All developers are required to complete training on secure development practices.

 

Data Privacy

Data Privacy Overview

Thinkific’s data privacy controls are designed to honor our obligations around how we collect, process, use and share personal data, as well as our processes to support data retention and disclosure in compliance with applicable privacy laws. Thinkific collects and uses personal data in accordance with our Privacy Policy, and offers our course creators a Data Processing Addendum and CCPA Service Provider Addendum that complies with the GDPR and CCPA.

 

Data Sharing and Processing

  • Thinkific’s platform complies with the GDPR and CCPA and provides a high level of protection for course creator and learner personal data. This includes only collecting, processing, and storing customer data in compliance with these obligations and providing you the right to access or delete it at any time.
  • Thinkific has implemented policies that provide controls for deleting customer data when it is no longer needed for a legitimate business purpose.
  • Thinkific uses cookies only in accordance with their Cookies Policy.
  • Thinkific also requires their data processing vendors to certify the use of customer data for no other purposes than the provision of services.

Vendor Management

  • Thinkific only shares customer data with third parties that contractually agree to protect the confidentiality and privacy of the data.
  • Thinkific has established agreements that require subprocessors to adhere to confidentiality commitments and take appropriate steps to ensure our
    security posture is maintained. Thinkific only exports personal data outside of the EEA in compliance with the GDPR, including by transferring
    personal data to subprocessors on the basis of the updated Standard Contractual Clauses where required.
  • Thinkific monitors these sub-processing vendors by conducting reviews of their controls before use and at least annually.

Responding to Security Incidents

  • Thinkific has established policies and procedures for responding to security incidents.
  • All security incidents are managed by Thinkific’s Security Incident Response Team. The policies define the types of events that must be managed via the incident response process and classify them based on severity.
  • Incident response procedures are tested and updated at least annually.

 

Credit Cards

TPNIL securely processes credit card information in accordance with PCI-DSS standards. TPNIL does not access or store any credit card information. Instead, we have partnered with Stripe to securely handle credit card information. You can learn more about Stripe’s security here.

The foregoing information and representations are provided by Thinkific and can be found at:
https://www.thinkific.com/security-overview/

 

 

Financial Literacy
Pillar 5


The final course, Financial Literacy, will not only teach student-athletes how to manage their finances, but also how to build long-term wealth through investing and leading a financially responsible life.

Philanthropy and Community Service
Pillar 4


Giving back to the community is a critical part of brand-building and maintaining a positive association with your brand. The Philanthropy and Community Service course covers various ways for student-athletes to give back throughout the course of their career.

Legal, Tax, and Compliance
Pillar 3


In the Legal, Tax, and Compliance course, student-athletes will learn important business skills and NIL-related regulations they will need to follow. Valuable tax-related information is also included as navigating taxes as an independent contractor or starting a business can be tricky for young adults.

Influencer and Brand Relations
Pillar 2


Influencer and Brand Relations teaches student-athletes how to determine and increase their value to potential partners, negotiate deals, and commons mishaps to look out for.

Personal Brand Development
Pillar 1


In our Personal Brand Development course, student-athletes will learn why it's necessary to build your own personal brand, as well as actionable steps to take to get started. We'll also go through managing your image and controlling your narrative across multiple platforms, and critical mistakes to avoid along the way.

Enroll Now

The Five-Pillars Course is now available!

Enroll by August 31, 2022 and get it for only $525 (Reg. price $585).

Use code tpnil60 on the checkout page to redeem.

We can’t wait to help you build a brighter future.

    Sport*

    Sport 2

    Sport 3

    Please note: The Players NIL Five-Pillars Course is currently available for purchase and the first Pillar module is live and can be accessed today! Each subsequent Pillar module will be released in the coming weeks according to our release schedule:

    Pillar 1: Personal Brand Development
    Available now!

    Pillar 2: Influencer & Brand Relations
    Available now!

    Pillar 3: Legal, Tax, and Compliance
    Available now!

    Pillar 4: Philanthropy and Community Service
    Available now!

    Pillar 5: Financial Literacy
    August 9, 2022

    Enroll Now

    Let’s get started today!

    We can’t wait to help you build a brighter future.

      Sport*

      Sport 2

      Sport 3

      Disclaimer: All of the content created and released on The Players NIL channels are made as a guide and/or educational tools. Please consume all content at your discretion. The Players NIL is not a certified personal development or financial coach and does not guarantee any financial or professional results.

      Mark Koesterer
      Founder

      Welcome. I’m Mark Koesterer, founder of The Players NIL, and I have a deep passion for this work. My background includes a long and extensive relationship with the sporting industry. As a former college athlete, I have first hand experience navigating the collegiate world. As a father of college athletes, I was actively involved with supporting the requirements needed to compete at the highest level, while maintaining focus on broader life goals. As the president and CEO of Sports Studio, I helped build a successful Hollywood sports and entertainment company.

      At Sports Studio, I interacted with athletes, brands, production companies, professional sports leagues, and agents. All of this gave me expert-level experience in digital marketing, branding, production, group licensing, sponsorship, influencer marketing, apparel design and production, and fan engagement.

      It’s ALL of this collective experience that I offer, while bringing you a premier level of service that will help you reach your goals. If you would like to learn how to build your brand and maximize your NIL potential, contact me today.

      The Players NIL is built for YOU.

      Apply Now!

      We can’t wait to learn more about you.

        I certify that I am at least 18 years of age.*
        I have read and agree to The Players NIL Independent Contractor Agreement in the event I am selected.*