Trust • Security

Security-first by design.

Classic Campus is built for multi-tenant operations with strong tenant isolation, role-based access control, audit trails, and deployment flexibility (cloud or on‑prem).

Book Demo Integrations Support

RBAC everywhere Audit logs Backups & DR

Security highlights Core safeguards

Controls Data Ops

RBACLeast privilege

LogsAudit-ready

BackupsRecovery

Tenant isolation

Strong separation of data and access across institutions and campuses.

IsolationMulti-tenant

Access controls

Role-based permissions plus audit trails for every sensitive action.

RBACAudit

Secure backups

Backup strategy aligned with your deployment (cloud/on‑prem) and policies.

DRRestore tests

Privacy defaults

Data minimization, configurable retention, and export controls.

PrivacyControls

Security controls

Below is a practical checklist to help ICT and audit teams evaluate Classic Campus.

Identity & access

• Role-based access (RBAC)
• Department / campus scoping
• Approval workflows for high-risk actions
• Optional SSO (SAML/OIDC) for Enterprise

Audit & monitoring

• Tamper-aware audit trails
• Exportable logs for investigations
• Admin activity visibility
• Alerts for unusual patterns (configurable)

Data protection

• Encrypted secrets and secure configuration
• Privacy-first defaults for portals
• Controlled exports
• Data retention options (policy-driven)

Backups & disaster recovery

• Automated backups (cloud) or assisted (on‑prem)
• Restore testing guidance
• Optional standby environment for Enterprise
• Incident playbooks

Deployment hardening

• Secure headers and transport best practices
• Environment separation (dev/stage/prod)
• IP allowlists (optional)
• On‑prem hardening checklist

Compliance support

• Privacy policy + DPA templates
• Data access logging for audits
• Procurement-ready documentation
• Security review support for ICT teams

Need a security review call?

Book time with our team to review your requirements (on‑prem, SSO, audit logging, backups, and policies).

Schedule call Terms

How security is implemented (beyond buzzwords)

Below is a deeper explanation you can share with ICT, internal audit, and procurement. This is written in plain language, not marketing.

Tenant isolation

Each institution is logically isolated. Data access is always scoped to the tenant, with permission checks on every request and safe defaults for exports.

RBAC + least privilege

Roles map to real jobs (registrar, bursar, dean, lecturer, auditor). Sensitive actions can require approvals, and changes are tracked end‑to‑end.

Audit trails

Critical events (fee adjustments, results updates, user changes, approvals) write to audit logs you can export during investigations or annual audits.

Encryption & secrets

Use encrypted secrets for credentials and integrations, rotate keys, and separate environments (dev/stage/prod). Transport security is enforced with modern TLS and secure headers.

Backups & disaster recovery

Automated backups (cloud) or assisted backups (on‑prem). DR options include restore testing guidance, retention policies, and optional standby environments for Enterprise.

Security review checklist

A quick checklist for ICT teams—use it during vendor evaluation and procurement sign‑off.

Access & authenticationIdentity

Strong password policy + lockouts
Optional SSO (SAML/OIDC) for Enterprise
2FA-ready (policy based)
Approval workflows for sensitive actions

Operations & monitoringOps

Centralized logs for investigations
Alerts for unusual admin activity (configurable)
Restore drills guidance for DR readiness
Export controls (who can export what)

Need a security questionnaire answered?

Send your ICT/security checklist and we’ll respond with architecture notes, controls, and the right deployment option (cloud or on‑prem).

Schedule security call Integration security Support