Security at Autotend

We take the security of student data seriously. Our platform is built with security at its core, following industry best practices and compliance standards.

🔐

Encryption

All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption.

SOC 2 Type II

Independently audited for security, availability, and confidentiality controls.

🛡️

Access Controls

Role-based access control (RBAC) ensures users only access data they need.

🔍

Penetration Testing

Regular third-party penetration tests identify and address vulnerabilities.

☁️

Secure Infrastructure

Hosted on AWS with enterprise-grade security and 99.9% uptime SLA.

Incident Response

24/7 monitoring with documented incident response procedures.

Security Practices

Data Protection

  • All data encrypted in transit (TLS 1.2+) and at rest (AES-256)
  • Database backups encrypted and stored in geographically separate locations
  • Sensitive data fields (PII) receive additional encryption layers
  • Regular data access audits and logging

Application Security

  • Secure software development lifecycle (SSDLC)
  • Code reviews and automated security scanning
  • OWASP Top 10 vulnerability protection
  • Regular dependency updates and vulnerability patching
  • Input validation and output encoding

Infrastructure Security

  • Hosted on AWS with SOC 2, ISO 27001, and FedRAMP certifications
  • Virtual private cloud (VPC) network isolation
  • Web application firewall (WAF) protection
  • DDoS protection and rate limiting
  • Automated security monitoring and alerting

Access Management

  • Multi-factor authentication (MFA) for all staff
  • Principle of least privilege access
  • Regular access reviews and deprovisioning
  • SSO integration with institutional identity providers
  • Session timeout and secure cookie handling

Employee Security

  • Background checks for all employees
  • Security awareness training
  • Confidentiality agreements
  • Secure remote work policies

Security Questions?

For security inquiries, vulnerability reports, or to request our SOC 2 report, contact our security team.

Contact security@autotend.io →