# Security At Edusuite, we prioritize the safety and privacy of institutional data. The **Edusuite UNI** platform is built with robust, enterprise-grade security features to ensure the confidentiality, integrity, and availability of all user and system information. Below is an overview of the key security measures implemented within the platform: #### **1.** [**Role-Based Access Control (RBAC)**](/product-guide-uni/admin-home/users/user-setup/user-groups.md) Edusuite UNI uses **Role-Based Access Control** to ensure that users can only access the features and data relevant to their role (e.g., student, faculty, registrar, administrator). Permissions are configurable to match institutional policies and reduce the risk of unauthorized access. #### **2. Secure Authentication** **Hashed Passwords:** All user passwords are hashed using industry-standard algorithms before being stored. #### **3. Data Encryption** * **In-Transit Encryption:** All data transmitted between the client and server is protected using **SSL/TLS encryption**, preventing interception and tampering. * **At-Rest Encryption:** Sensitive data stored in databases and file systems is encrypted to safeguard against data breaches. #### **4.** [**Activity Logs and Audit Trails**](/product-guide-uni/admin-home/security/audit-trail.md) The platform maintains detailed logs of user actions, allowing administrators to monitor system activity, detect anomalies, and trace changes for accountability and compliance. #### **5. Session Management and Auto-Logout** User sessions are managed with security best practices, including: * Session expiration after a period of inactivity * Auto-logout features to prevent unauthorized access from unattended sessions #### **6. Regular Security Updates and Patching** Edusuite UNI is continuously updated to address new vulnerabilities. Security patches are applied regularly, ensuring protection against the latest threats and exploits. #### **7. Secure APIs and Integrations** The platform uses secure, token-based authentication for all API connections. Third-party integrations are controlled and monitored to ensure they meet Edusuite's security standards. #### **8. Data Backup and Disaster Recovery** Edusuite implements automated **data backups** and **disaster recovery protocols** to protect against data loss and ensure continuity in the event of system failure or unexpected incidents. #### **9. Compliance with Data Privacy Standards** Edusuite UNI is designed to align with relevant data protection regulations, including: * **Data Privacy Act of 2012 (Philippines)** User data is handled in accordance with strict privacy policies to ensure ethical and legal compliance. #### **10. User Education and Admin Controls** System administrators have access to tools that help enforce strong security practices, such as password policies and user access reviews. Additionally, educational materials and alerts help users stay informed about potential security threats like phishing. Security is a shared responsibility—and with Edusuite UNI, your institution benefits from a platform designed with safety at its core. Whether managing student records, financial data, or academic workflows, you can rely on Edusuite UNI to keep your information secure. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://info.edusuite.asia/product-guide-uni/admin-home/security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.