MyClassCampus - All in One Communication and ERP Solution

Security Practices, Policies & Infrastructure

With nearly 3 Lakhs+ users globally and more than 1200+ institutes registered, MyClassCampus is growing with putting their client's data privacy in centre.

We take security very seriously and have developed a comprehensive set of practices, technologies and policies to help ensure your data is secure.

If you are currently maintaining your organization data on your local computer in offline or on your own servers, the odds are that we offer a better level of security than what you currently have in place.

This document outlines some of the mechanisms and processes we have implemented to help ensure that your data is protected. Our security practices are grouped in four different areas: Physical Security; Network Security; People Processes and Redundancy and Business Continuity.

Information Security Certifications (ISO 27001)

ISO/IEC 27001 is one of the most widely recognized independent international security standards. This certificate is awarded to organizations that comply with ISO's high global standards. HEXAGON INNOVATIONS PVT. LTD. has earned ISO/IEC 27001:2013 certification for Applications, Systems, People, Technology, and Processes.

Software Security


Secure Instances & Firewall:

Whole software is deployed on Secure Instances of Cloud where we have used proper firewalls to monitor and balance the traffic and remove malicious requests to server.


Server Setups:

Our servers are highly configured to block the DoS and other attacks to make the data safe.


Power Redundancy:

MyClassCampus configures its cloud servers for power redundancy - from power supply to power delivery.


Geo Mirroring:

Customer data is mirrored in a separate geographic location for Disaster Recovery and Business Continuity purposes.


SSH Authentication:

SSH keys are a pair of crystallographic keys that can be used to authenticate to an SSH server as an alternative to password-based logins. A private and public key pair are created prior to authentication. The private key is kept secret and secure by the user. Setting up SSH key authentication allows you to disable password-based authentication. SSH keys generally have many more bits of data than a password, meaning that there are significantly more possible combinations that an attacker would have to run through. Many SSH key algorithms are considered uncrackable by modern computing hardware simply because they would require too much time to run through possible matches.


VA-PT performed:

Vulnerability assessment and Penetration testing done on software and mobile app to eliminate top OWASP vulnerabilities and ensure to minimize the risk. NIST guided standard tools are used and along with that, proper manual Security testing techniques are used and all the security patches were made.

Network Security


Secure Communication:

All data transmission to MyClassCampus services are encrypted using SSL protocols, and we use certificates issued by SHA 256 based CA ensuring that our users have a secure connection from their browsers to our service.

People Processes


Select Employees:

Only employees with the highest clearance have access to our data management system where also they can access only selected information necessary to provide support to any institution.


Audits:

Audits are regularly performed and the whole process is reviewed by management.


This document was last updated on July 04, 2018.

Color Switcher