All systems operational

Security
built in,
not bolted on

From day one, DigiRoad's architecture was designed with security at its core , not compliance checkboxes, but a genuine commitment to protecting every student's data and every institution's trust.

Talk to us See how it works
All services nominal
AES-256 TLS 1.3 Zero-Knowledge Zero-Trust
How we protect you

Multiple layers.
Zero weak links.

We didn't want security that passes an audit , we wanted security that actually works. Every component is independently hardened so a failure in one layer can't cascade.

End-to-End Encryption
AES-256 at rest. TLS 1.3 in transit. Your data is encrypted before it leaves the institution and only decrypted at the authorised endpoint , nothing else can read it.
Zero-Trust Architecture
Every request is verified regardless of origin , even within our own network. Micro-segmentation ensures lateral movement is impossible if any component is ever compromised.
Phishing-Resistant MFA
TOTP, hardware keys (WebAuthn), and biometrics for all privileged access. We don't allow SMS OTP for admin surfaces , it's too easy to intercept.
Immutable Audit Logs
Every access, change, and event is written to a tamper-proof WORM log. Forensic-grade traceability for every action taken on your institution's data.
Infrastructure

Designed to be
hard to break.

Our stack is purpose-built for the global student economy , where trust is non-negotiable and a single breach can affect millions of lives.

WAF at the edge Every incoming request passes through a Web Application Firewall that blocks known attack patterns, rate-limits abuse, and geo-fences high-risk traffic in real time.
Isolated service boundaries Our microservices are network-isolated by default. Identity, payments, and data services can't communicate unless explicitly permitted , and those permissions are audited.
Automatic key rotation Encryption keys rotate on a 90-day cycle via a Hardware Security Module. No engineer can ever see a plaintext key , not even us.
BROWSER / APP WAF API GATEWAY IDENTITY SVC PAYMENT SVC AES-256 encrypted
Data protection

Your data never
travels unprotected.

We encrypt everything , not because we have to, but because it's the right default. Unencrypted data simply doesn't exist in our system.

At Rest
AES-256
Encryption

Every database record, file, and backup is encrypted with AES-256-GCM. Keys live in a dedicated HSM and rotate automatically every 90 days.

FIPS 140-2 Level 3
In Transit
TLS 1.3
Only

We enforce TLS 1.3 exclusively , no fallback to older protocols. Certificate pinning prevents MITM attacks across all mobile clients.

HSTS Preloaded
By Design
Zero-Knowledge
Architecture

Sensitive credentials , like passwords and payment tokens , are processed using zero-knowledge proofs. We verify without ever storing the secret itself.

RFC 9380 compliant
AUDIT_LOG , LIVE FEED
Live
14:02:01HEALTH_CHECK: all services nominalOK
14:02:03TLS_CERT: all certs valid > 60dOK
14:02:07WAF: 185.220.x.x , TOR exit blockedBLOCK
14:02:11GEO_FENCE: sanctioned region deniedDENY
14:02:14LOGIN_ANOMALY: velocity nominalPASS
14:02:19WAF: SQLi attempt , rule WAF-039BLOCKED
14:02:24AUDIT_WORM: 14,820 events committedLOGGED
14:02:28KEY_ROTATION: HSM cycle completeROTATED
14:02:33RBAC_AUDIT: permissions verified cleanOK
14:02:38SESSION: idle timeout enforced × 3EXPIRED
Access & Control

Who can do what,
always audited.

Access control isn't an afterthought , it's how we were built. Every user, every role, every permission is explicit, logged, and reviewable.

SSO / SAML 2.0
Integrate with your existing identity provider in minutes.
Role-Based Access
Granular RBAC ensures users see only what they need to.
Hardware MFA
WebAuthn / FIDO2 for all privileged accounts , no SMS.
Session Controls
Configurable idle timeout, IP pinning, and device trust policies.
Auto De-provisioning
Accounts are revoked within 60 seconds of offboarding.
Tamper-Proof Logs
WORM audit trail for every access event. Immutable, 7yr retention.
FAQ

Security questions,
straight answers.

We try to be radically transparent about how we protect your data. Can't find what you're looking for?

Ask our team directly
Yes. DigiRoad supports data residency in the EU, US, UK, and APAC regions. You choose your primary region during onboarding, and all data , including backups , stays within that jurisdiction. Cross-region replication is opt-in only and requires explicit consent.
We notify affected institutions within 72 hours of a confirmed incident , ahead of GDPR requirements. Our response playbook includes automated containment, forensic evidence preservation, and a dedicated escalation channel. Post-incident reports are delivered within 14 days.
Yes. With 5 business days' written notice, you can run a coordinated pen test against a dedicated sandbox environment. We'll assign a security engineer as your point of contact and share a technical briefing before you start. Results shared under mutual NDA.
No. Production data access requires dual authorisation and is time-limited. All access is logged and reviewed. Our support workflows are designed so issues can be diagnosed without engineers ever reading raw student records.
We maintain a public subprocessor list and provide 30-day notice before adding new ones. Every vendor undergoes a security review before onboarding. Data shared with subprocessors is contractually bound to the same standards we hold ourselves to.
We target 99.9% uptime across all core services, with planned maintenance windows communicated at least 72 hours in advance. Our status page is public and updated in real time. Enterprise SLAs with financial credits are available on request.
Get started

Security shouldn't
be a differentiator.

It should be the baseline. See how DigiRoad makes it effortless for your institution to start on solid ground.

Request a Demo Read the FAQ