AES-256 encryption
All sensitive data encrypted both in transit and at rest using industry-standard AES-256 encryption. Encryption keys managed securely with regular rotation and restricted access.
Bank-grade security
Edstart delivers modern, secure solutions that schools can trust. We prioritise privacy and data protection in everything we build.
Every aspect of our platform is designed with security and privacy in mind, giving schools the confidence to focus on education.
Core security infrastructure
All sensitive data encrypted both in transit and at rest using industry-standard AES-256 encryption. Encryption keys managed securely with regular rotation and restricted access.
All sensitive data stored exclusively within Australia in compliance with local regulations. No data transfer outside Australia without explicit approval and legal compliance.
MFA required for all users accessing sensitive data. Role-based access control ensures minimum necessary access based on job functions and principle of least privilege.
Operational security
24/7 network monitoring with intrusion detection and prevention systems. All access to sensitive data logged and reviewed regularly for unauthorised attempts.
Critical systems isolated in separate network segments with strict access controls. Prevents lateral movement in case of security incidents.
Comprehensive incident response procedures with immediate containment, rapid escalation, and post-incident analysis. All security incidents reported within 24 hours.
Compliance & training
All vendors undergo thorough security assessments before engagement. Regular audits ensure continued compliance with our security standards.
Annual security policy reviews and regular compliance audits. Continuous improvement based on emerging threats and regulatory changes.
Mandatory annual security awareness training for all employees. Role-specific training for staff handling sensitive data with regular updates and testing.
We're committed to meeting and exceeding industry standards for security and privacy, giving schools confidence in our platform.
PCI DSSPayment Card Industry Data Security Standard for secure payment processing - ensuring safe handling of school fees.
Privacy Act 1988Full compliance with Australian Privacy Principles (APPs) governing collection, use, disclosure and storage of personal information including student data.
KYC & AMLKnow Your Customer identity verification and Anti-Money Laundering compliance as required for regulated financial services in education.
Regulatory compliance
Stay ahead of evolving education sector requirements and privacy laws. Our compliance framework ensures your school meets all regulatory obligations, avoiding costly fines and legal complications while maintaining your reputation in the community.
Risk management
Protect sensitive student data with enterprise-grade security measures. Our comprehensive approach reduces data breach risks, safeguarding student records, financial information, and personal details from cyber threats and unauthorised access.
Peace of mind
Focus entirely on education while we handle the complex world of security and compliance. Our dedicated team continuously monitors, updates, and maintains all security protocols, allowing your staff to concentrate on what matters most - student success.
Join forward-thinking schools that trust Edstart with their most important asset: student data.