Cloud Sentrics Docs

Security & Compliance

How Cloud Sentrics protects your data, your users, and your operations.

Cloud Sentrics is built with security at its core. Every layer of the platform — from data storage to user access — is designed to protect your organization's most sensitive information.

Data Protection

Your data is encrypted at every stage:

  • At rest — All stored data is encrypted using industry-standard AES-256 encryption
  • In transit — All connections use TLS 1.2+ (the same standard used by banks)
  • Backups — Automated daily backups, fully encrypted

No one — including Cloud Sentrics staff — can read your raw data without authorization.

Customer Isolation

Each customer operates in a completely separate environment:

  • Dedicated database tables per customer
  • Isolated file storage per customer
  • No shared data between organizations
  • Separate encryption keys

Your school's data is never mixed with another school's data. Your hospital's records are never accessible to another facility.

Authentication & Access Control

  • Multi-Factor Authentication (MFA) — TOTP-based 2FA for all admin accounts
  • Role-based access — Admin, Educator, Finance, Viewer roles with granular permissions
  • Session management — Automatic timeout after 60 minutes of inactivity
  • Password policies — Enforced complexity requirements

Audit Logging

Every action on the platform is tracked:

  • Who logged in and when
  • Who accessed, downloaded, or shared files
  • Who changed settings or permissions
  • Who viewed or exported student/patient records
  • Failed login attempts

Audit logs are retained for 30 days and can be exported as CSV for compliance evidence.

Infrastructure

Cloud Sentrics runs on Amazon Web Services (AWS):

  • Region: Africa-proximate (us-east-1) with low-latency access from Nigeria
  • Availability: Multi-AZ deployment for high availability
  • Scalability: Auto-scaling to handle peak usage (exam periods, report card season)
  • Monitoring: 24/7 automated monitoring with alerting

Incident Response

In the event of a security incident:

  1. Automated detection and alerting
  2. Immediate investigation by the security team
  3. Customer notification within 24 hours
  4. Root cause analysis and remediation
  5. Post-incident report shared with affected customers

Compliance

Cloud Sentrics is designed to support compliance with:

  • NDPR — Nigeria Data Protection Regulation
  • Data residency — Customer data stored in controlled AWS regions
  • Right to access — Customers can export all their data at any time
  • Right to deletion — Data can be permanently removed on request

Secure Communications

All communications sent through Cloud Sentrics (parent emails, staff messages, report cards) are:

  • Sent through verified, authenticated email channels
  • Tracked with delivery confirmation
  • Protected against spoofing and impersonation

CBT / Assessment Security

Computer-Based Testing includes:

  • Fullscreen lockdown with violation detection
  • Anti-cheating measures (tab switch detection, device lock)
  • Server-side answer validation (answers never exposed to browser)
  • Unique question/option shuffling per student
  • Automatic termination after security violations

Reporting a Security Concern

If you discover a potential security issue, contact us immediately:

We take all reports seriously and will investigate promptly.


Last updated: May 2026

Last updated: May 2026