Single Sign-On (SSO) Makes Authenticating Your Users Easy

    Branching Minds supports a variety of Single Sign-On (SSO) technologies and protocols, including but not limited to, Google Apps, Microsoft Azure AD, Active Directory/LDAP, and SAML. In addition, Branching Minds is capable of integrating with any OpenID or OAuth platforms and, if necessary, can configure both password and non-password based email authentication.

    Google Apps
    Microsoft Azure

    Data Interoperability Is Central to Everything We Do

    Effective RTI/MTSS hinges on teachers’ ability to see the whole child and to leverage all of the necessary data to know who needs support, what to do to support them, and whether or not the support provided has helped. To do this work well, teachers need access to all of those data. Fragmented data is a common limitation for districts and double entry of data is the downfall of any system. To support schools and districts’ efforts to achieve high-fidelity RTI/MTSS, Branching Minds continuously enhances our data interoperability practices. Below, please find an overview of the ways in which our platform will connect with student information systems, universal screeners, benchmarks and progress monitoring assessments. 



    Rostering Data

    The Branching Minds platform connects with student information systems in either automated or manual ways to support rostering. Our platform is Clever, ClassLink and RicOne enabled, we also support the Infinite Campus OneRoster API, and are compliant with One Roster CSV files, managed by school district exports.

    Class Link
    One Roster
    Infinite Campus

    Other Data Pulled from SIS

    Beyond rostering data, districts can also send student demographic data, IEP/504 status, FRL status, attendance concerns, gifted/talented status, and English proficiency (manual only, based on state’s EP levels). Both student behavior incidents and testing accommodations can be imported into and exported out of Branching Minds using CSV files through SFTP.  



    Assessment Data 

    Branching Minds supports both automatic ingestion of certain universal screener, benchmark and progress monitoring assessment data and manual ingestion of most others. Automatic ingestions can be set up to have the assessment data sent over from the assessment provider to Branching Minds on a scheduled basis. Manual ingestions must be done by Branching Minds, and the assessment data must be exported and sent by the district.

    Automated Assessment Ingestions

    Branching Minds currently has automated ingestions set up for Aimsweb Plus (for assessments and goals), Renaissance Star, iReady, and FastBridge. There are more automations under development, please feel free to reach out if you have questions about automating assessments beyond the ones named.


    Manual Assessment Ingestions:

    Branching Minds regularly supports ingestion of Fountas and Pinnell ODMS, mClass DIBELS (Amplify), NWEA MAP Growth, and Ohio’s State Tests. Data for these assessments must be manually sent to Branching Minds, but it can be sent as the raw export without additional formatting.

    NWEA map growth
    mClass Amplify
    Fountas & Pinnell
    Ohio state tests

    Branching Minds can ingest most other assessment data, as long as the assessment results can be displayed in one of the following fields: score, percentile, or level. All assessment data must also be sent with the student ID number and date of the assessment, and must be exported as one flat file per assessment, formatted in either a CSV or Excel file. 

    For more information on the specific export requirements for an assessment you will be using, please reach out to the Branching Minds Data Team at



    All data containing student information must be sent via the Branching Minds Cloud site or a secure SFTP connection.

    Sending data through Branching Minds Cloud:

    Branching Minds uses an internal SFTP site called Branching Minds Cloud ( to transfer student data and assessment data. The BrM Cloud site is hosted on our internal servers with the files residing within our secure SFTP. Each district will be provided a unique link that will allow them to upload their files to Branching Minds. 

    Sending data through SFTP:

    Branching Minds also supports the use of a secure SFTP connection to send student and assessment data. Districts wishing to automate the sending of their manual assessment files on a nightly basis can utilize this option. This SFTP is set up by Branching Minds, and the credentials are either  sent via a BrM Cloud link or relayed over the phone, but cannot be sent via email.

    Sending historical assessment/student data to Branching Minds:

    Branching Minds can ingest historical assessment data as well as historical supporting documents. Districts wishing to send historical data can do so as long as the student numbers have remained consistent.It is recommended to send no more than 2-3 years of historical data.


    Branching Minds Works on all Types of Devices, Operating Systems, and Browsers


    The Branching Minds platform is compatible with Google Chrome, Mozilla Firefox, Microsoft Internet Explorer (version 7 or later for optimal performance) and Apple Safari web browsers, and the Microsoft Windows, Apple OS and Linux operating systems for desktop or laptop computers. For optimal performance, we recommend Google Chrome.

    Branching Minds is optimized for mobile web browsers (including mobile Chrome and Safari browsers on iPads, Chromebooks, and other tablets).



    Branching Minds is a responsive web application that adapts to many different screen resolutions, including tablets and mobile devices. For an optimal desktop experience, we recommend using a screen width of 1280 pixels or more and maximizing your browser window size.



    We know that privacy is tremendously important to our partners. A high-level summary of our security practices is included in our privacy policy, accessible here. These practices include the following:

    At Branching Minds, we are serious about our data safeguarding responsibilities. We have implemented multiple security measures to protect PII from unauthorized disclosure.

    SOC 2 Type 2

    The Branching Minds application has a current SOC 2 Type 2 report available upon request and with a signed NDA.

    NIST CSF Alignment

    Branching Minds as an organization and product is aligned with the NIST Cybersecurity Framework.

    Data Encryption

    All data on Branching Minds systems is encrypted in transit and at rest.

    File Transfer Protocol

    Data is securely transferred to Branching minds using File Transfer Protocol (FTP) over secure (SSL/TLS) cryptographic protocol.


    Our virtual servers, containerized workloads and employee computers are scanned for malware using advanced EDR and anti-malware systems.

    Intelligent Threat Protection/Intrusion Detection

    Our cloud based systems are scanned constantly in real-time for advanced security threats using AI-based tools.

    Cloud Provider

    We store all of our data and host Branching Minds at secure off-site facilities managed by industry-leading Amazon Web Services (AWS) at their secured data centers in the United States. These data centers are housed in nondescript facilities and physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff. AWS only provides data center access and information to employees and contractors who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, his or her access is immediately revoked, even if they continue to be an employee of Amazon or AWS. All physical access to data centers by AWS employees is logged and audited routinely. All access to the information within Branching Minds stored on these servers is encrypted.


    Our systems are logically segmented within AWS.  Firewalls and virtual private clouds (VPCs) protect and enforce that segmentation and are periodically reviewed and updated as required.

    Cloud Audit Data

    Detailed, searchable information on all API calls and user actions in our infrastructure is captured and retained.  We alert on this data to provide real time security visibility.

    Security Audits

    Branching Minds conducts internal security audits and code reviews on a regular basis.

    Penetration Testing

    Branching Minds code undergoes penetration testing by an authorized 3rd party.  Findings are prioritized and remediated in a timely manner.

    Secure Programming Practices

    Branching Minds software developers utilize secure programming practices to reduce the possibility of introducing vulnerabilities to our application (like those identified by OWASP and SANS) that could lead to security breaches.

    Code Scanning

    Branching minds utilizes automated code-scanning software to ensure vulnerabilities in code are identified and prioritized for remediation before code is deployed.

    Secrets Management

    Application and system secrets are securely generated, stored and retrievable programmatically from a cloud-based secrets manager which utilizes HSMs (Hardware Security Modules). 

    Account Protection

    Each user of Branching Minds is required to create an account with a unique account name and password.

    Facility Security

    Branching Minds is located inside the continental United States. Physical access is protected by electronic access devices, with monitored security and fire/smoke alarm systems.

    Data Retention & Management

    All PII provided to Branching Minds will be destroyed upon termination of our relationship with the school or district, or when it is no longer needed for the purpose for which it was provided.

    Staff Training & Background Checks

    All employees and contractors undergo regular training on security best practices. All employees and contractors with access to PII or who work onsite undergo background checks.

    Third Party Vendor Monitoring

    All Branching Minds vendors are vetted and monitored internally on an ongoing basis to ensure they utilize industry-standard privacy and security protections.

    Password Protection

    All Branching Minds employees utilize an encrypted password storage system to safeguard sensitive login information.

    Data Leak Prevention (DLP)

    Branching Minds employs a leading DLP solution to ensure that sensitive information is not shared in an insecure fashion.

    DNS Security

    All Branching Minds domains are all DNSSEC compliant.

    We Utilize Best Practices to Destroy Your Data Once It’s No Longer Needed

    Branching Minds employs United States Department of Education best practice recommendations for data destruction using the following processes for data destruction: 

    • Unless otherwise requested by your district, all PII provided to Branching Minds will be destroyed upon termination of our relationship with you (typically during September of the school year following the school year in which your LEA opts to terminate our relationship), or when it is no longer needed for the purpose for which it was provided.

    • Data is destroyed using the National Institute of Standards and Technology (NIST) clear method sanitization that protects against non-invasive data recovery techniques.

    • Sensitive data will not be disposed of using methods (e.g.; file deletion, disk formatting, and one-way encryption) that leaves the majority of data intact and vulnerable to being retrieved.

    • The individual who performs the data destruction signs a certification form describing the destruction.

    • Occasionally, non-electronic media used within Branching Minds may contain PII. When these documents are no longer required, the non-electronic media is destroyed in a secure manner (most typically using a shredder) that renders it safe for disposal or recycling.

    Branching Minds Is Designed from the Ground Up to Support FERPA Compliance

    Restricted access to individually identifiable student and personnel data based on defined system roles to meet all FERPA requirements.

    Branching Minds is designed to give administrators flexibility to limit staff access to student information and to ensure that student and staff data is protected in accordance with all FERPA requirements. 

    After the initial onboarding process, teacher users have access to students listed on their class rosters, as reported by their student information system, while manager users have access to all students at their school (or district). Teacher users can then either request, or be assigned students who they do not initially have access too. In addition, teacher users and manager users can be assigned to multiple schools within a district.

    Branching Minds utilizes a permission system to ensure that student data is accessible to teacher users that are working with that student. Conversely, administrators are able to see all data at the campus and district level, depending on their access level. 

    Restricted access to individually identifiable student progress to staff members involved in educational support planning for the student and defined administrators.

    By default, Branching Minds restricts teacher user access to only those students who appear on their official school roster (as provided to Branching Minds through the student information system). Manager users (typically those coordinating RTI/MTSS, such as campus and district administrators, counselors and specialists such as school or district psychologists), who are defined explicitly by the district during implementation planning and onboarding, have access to all students at their school/district. Teacher users can then either request, or be assigned students who they do not initially have access to, by manager users. Both types of users may be assigned to multiple schools by manager users, as necessary.

    Proudly Certified

    • Data Privacy Certification by 1EdTech - branching minds-min
      Hover message
    • Customer Service Award by Business Intelligence Group - branching minds-min
      Hover message
    • Interoperability  Rating Tier 4 by Project Unicorn - Branching Minds-min
      Hover message
    • Research-Based Design Product Certification by Digital Promise - Branching Minds-min
      Hover message
    • Privacy Rating  by Common Sense - branching minds-min
      Hover message
    • Learner Variability Certification by Digital Promise - Branching Minds-min
      Hover message
    • essa-level-iv-branching-minds-min
      Hover message
    • SOC 2 Type 2 Certification by AICPA-min (1)
      Hover message