Security & Compliance

☁️Cloud Infrastructure

Hosted on enterprise-grade cloud infrastructure with 99.9% uptime SLA. Our servers are distributed across multiple availability zones for redundancy and disaster recovery.

🔐Encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Database encryption keys are rotated regularly and managed through secure key management systems.

🛡️Network Security

Protected by enterprise firewalls, DDoS mitigation, intrusion detection systems, and regular vulnerability scanning. All network traffic is monitored 24/7.

💾Backups

Automated daily backups with point-in-time recovery. Backups are encrypted, geographically distributed, and tested regularly to ensure data can be restored quickly.

🔑Authentication & Authorization

Multi-factor authentication (MFA) available for all accounts. Role-based access control (RBAC) ensures users only see data relevant to their role.

• Password requirements enforce strong credentials
• Session management with automatic timeout
• Single sign-on (SSO) support for enterprise customers

🔍Security Testing

Continuous security testing throughout the development lifecycle:

• Automated vulnerability scanning on every code commit
• Annual third-party penetration testing
• Regular security audits and code reviews
• Bug bounty program for responsible disclosure

📊Monitoring & Logging

Comprehensive logging of all system activities with real-time monitoring and alerting. Security events are analyzed using advanced threat detection systems. Logs are retained for compliance and forensic analysis.

Data Ownership

You own your data. We never sell or share your data with third parties for marketing purposes. You can export your data at any time in standard formats.

Data Residency

Data is stored in secure data centers with options for regional data residency to comply with local regulations. Nigerian schools can choose to have their data stored exclusively within Nigeria.

Data Deletion

When you delete data or close your account, we permanently delete your information within 30 days, except where retention is required by law.

Employee Access

Strict access controls limit employee access to customer data. All employees undergo background checks and security training. Access is logged and regularly audited.

Security Training

All team members complete security awareness training during onboarding and annually thereafter. We maintain a security-first culture across the organization.

Incident Response

We maintain a comprehensive incident response plan with 24/7 security monitoring. In the unlikely event of a security incident, we follow established protocols to contain, investigate, and remediate issues while keeping affected customers informed.