Security First.
Student records and school data are sensitive. We engineer Sirath with security at every layer — not as an afterthought.
Encrypted at Rest & in Transit
All data is encrypted at rest using AES-256. All network communication uses TLS 1.2+. Credentials are hashed securely. Refresh tokens are stored with cryptographic signing.
Role-Based Access Control
Sirath has 10 system roles with fine-grained module permissions. Super Admins, School Admins, Teachers, and Parents each have precisely scoped access — no over-privileged accounts.
Authentication Security
Phone OTP authentication with JWT and short-lived refresh tokens. Sessions expire automatically. No password storage. All tokens are cryptographically signed.
Data Isolation
Each organization's data is fully isolated. Multi-tenancy is enforced at the database query level. One organization cannot access another's data through any path.
Audit Logging
Critical admin actions are logged with actor, timestamp, and context. Audit trails help administrators review changes and maintain accountability.
Infrastructure Security
Hosted on enterprise cloud infrastructure with automated backups, uptime monitoring, and disaster recovery. Database and application servers are isolated in private networks.
Responsible Disclosure.
If you discover a security vulnerability, please report it to us privately. We commit to responding within 48 hours and will not take legal action against good-faith researchers.
[email protected] →Please include: affected endpoint, steps to reproduce, potential impact, and your contact information. Do not access user data beyond what is necessary to demonstrate the issue.