Security & Trust

Our Commitment

Celerity is purpose-built for education. Protecting student data isn't a feature — it's the foundation of everything we build. Our platform is designed from the ground up with FERPA compliance, data isolation, and enterprise-grade security.

Data Protection

• All data encrypted in transit (TLS 1.2+) and at rest (AES-256)
• Tenant data is fully isolated — cross-tenant access is architecturally impossible
• Passwords are hashed and never stored in plaintext
• All credentials managed through a dedicated secrets vault — no secrets in code or config files
• All data hosted in the United States

Authentication & Access

• Industry-standard OIDC authentication
• Multi-factor authentication (MFA) supported
• Role-based access controls
• JWT-based API authorization with automatic key rotation
• No shared credentials between tenants

Infrastructure

• Hosted on enterprise-grade cloud infrastructure (US region)
• Serverless compute — no persistent servers to patch
• Multi-availability-zone database with automated failover
• Automated daily backups with point-in-time recovery
• Private network architecture — databases are never exposed to the public internet

Operational Security

• Infrastructure access restricted to authorized personnel via secure tunnels
• All administrative actions logged and monitored
• Application-level logging with no PII in logs
• Documented incident response procedures
• 48-hour breach notification to affected customers

Compliance Roadmap

Detailed Security Documentation

Detailed security architecture documentation — including infrastructure specifics, network topology, and implementation details — is available to customers and prospects under NDA through the Celerity portal.

To request access, contact us at security@celerityedu.com or start a trial.

Contact

Security inquiries: security@celerityedu.com

Vulnerability reports: See our Responsible Disclosure Policy

Support portal: support.celerityedu.com