Skip to main content

Security Without Compromise

Built for institutional procurement from day one. FERPA, SOC 2, HECVAT, and WCAG 2.1 AA — not afterthoughts, but architecture decisions.

FERPA

Fully Compliant

SOC 2 Type II

In Progress

HECVAT

Questionnaire Ready

WCAG 2.1 AA

Conformant

Section 508

Compliant

Data Protection

Your Data, Fully Isolated

Single-tenant architecture with field-level encryption. Your data is never commingled with another institution.

Single-Tenant Architecture

Each institution runs on isolated infrastructure. Your data is never commingled with another institution. Full data sovereignty from day one.

Data Sovereignty

Choose your data region. Per-university AWS region selection ensures your data stays where your compliance requirements dictate.

Encryption at Rest

All data encrypted at rest using AES-256. Database fields containing PII are additionally encrypted at the application layer.

Encryption in Transit

HTTPS enforced across all endpoints. TLS 1.3 for all data in transit. HSTS headers with long max-age to prevent protocol downgrade.

Password Security

Bcrypt-12 hashing for all credentials. No plaintext storage, no reversible encryption. Rate-limited authentication endpoints.

Access Control

Your Identity Provider, Our Platform

SSO with Azure AD, Okta, or Shibboleth. Six roles, 21+ granular permissions, MFA-ready.

SSO Integration

SAML 2.0 and OAuth 2.0 support for institutional single sign-on. Works with Azure AD, Okta, Google Workspace, and Shibboleth.

Role-Based Access Control

6 distinct roles with 21+ granular permissions. Super Admin, Admin, Faculty, Student, Auditor, and Guest roles with fine-grained permission matrices.

MFA-Ready

Multi-factor authentication support for administrative accounts. TOTP-based second factor with backup recovery codes.

Audit Trail

Every Action, Logged

Immutable audit trails, verifiable certificates, and one-click compliance reports for accreditation bodies.

Immutable Audit Logs

PostgreSQL trigger-based audit trail captures every data mutation. Append-only logs cannot be modified or deleted, even by administrators.

Certificate Verification

Every issued certificate includes a public verification URL. Third parties can verify authenticity without requiring platform access.

Compliance Matrix

Pre-built compliance reporting for accreditation bodies. Export audit data in formats required by LCME, ABA, AACSB, and ABET.

Infrastructure

Built for Uptime

AWS multi-AZ, Terraform IaC, and 99.9% SLA. Infrastructure your procurement team can trust.

AWS-Hosted Infrastructure

Production workloads run on AWS with multi-AZ redundancy. Automated failover ensures continuity during infrastructure events.

Terraform IaC

All infrastructure defined as code using Terraform. Reproducible, auditable deployments with version-controlled infrastructure state.

99.9% Uptime SLA

Enterprise plans include a 99.9% uptime SLA with financial remediation. Real-time status monitoring and proactive incident communication.

Documentation

Procurement-Ready Documents

HECVAT, security whitepaper, and VPAT — download and forward to your review team today.

HECVAT Questionnaire

Higher Education Community Vendor Assessment Toolkit, completed and ready for review.

Security Whitepaper

Detailed overview of our security architecture, policies, and incident response procedures.

VPAT Document

Voluntary Product Accessibility Template documenting WCAG 2.1 AA conformance.

Security questions? Talk to engineering.

Our team is available to walk through your institution's specific compliance requirements.

Schedule a Security Review