Security Overview

Every school, district, and publisher operates in a fully isolated data environment. Tenant boundaries are enforced at the database layer, ensuring that data from one school is never accessible to another.

All admin and staff logins require two-factor authentication via OTP. Session tokens are short-lived JWTs signed with tenant-scoped secrets. Idle sessions expire automatically. Password reset flows verify identity before issuing a new credential.

All traffic between clients and the platform is encrypted in transit. Internal service-to-service calls on the platform network use authenticated channels.

Every administrative action is logged: user creation, role changes, content publishing, and payment events. Each entry records a timestamp, actor identity, and tenant context. Audit logs are append-only and exportable for compliance purposes.

Access to every portal and API endpoint is gated by role. Students, teachers, parents, admins, and publishers each have a distinct permission set. No role can escalate to another without explicit administrator action.

Published content is served via Cloudflare CDN with signed URLs for protected resources. Raw storage paths are not exposed to end users. Content access is validated against the learner's active enrollment and entitlement.

Payment flows route through Paystack, Pesapal, and Stripe: PCI-compliant providers that tokenize card data before it reaches our systems. Elymica never stores raw card numbers. Webhook signatures are verified on receipt.

Platform data is hosted on secure, high-standard infrastructure, with backups retained in compliant storage. Schools with specific regulatory requirements (e.g. PDPA, GDPR) should review and confirm data residency options with our team before use.