Compliance & Security Standards
Detailed overview of the security standards and frameworks Viddarpan complies with.
Security Compliance Frameworks
Viddarpan maps its security controls against industry-leading frameworks to ensure comprehensive protection of educational data.
SOC 2 Type II
Our cloud infrastructure providers undergo rigorous annual SOC 2 Type II audits, evaluating the security, availability, and confidentiality of their systems. We inherit these controls and apply our own layer of application-level security policies.
ISO/IEC 27001
Viddarpan's information security management systems are aligned with ISO 27001 standards, ensuring a continuous process of risk assessment, mitigation, and security enhancement.
Data Center Security
We do not operate our own physical servers. Instead, we leverage Amazon Web Services (AWS), which maintains the highest physical security standards in the industry.
- 24/7 physical security guards.
- Biometric access controls.
- Strict environmental controls (fire suppression, backup generators).
Application Security Policies
To maintain compliance, Viddarpan enforces the following policies:
- Principle of Least Privilege: Employees only have access to the systems necessary to perform their job duties.
- Mandatory MFA: Multi-Factor Authentication is required for all administrative access to Viddarpan infrastructure.
- Data Segregation: School data is logically segregated within our databases to prevent cross-tenant data leakage.
- Encryption Standards: We enforce TLS 1.2+ for data in transit and AES-256 for data at rest.
For a broader overview designed for school leadership, see our Trust Center Security page.