School Jotter prioritises the security of school data through a comprehensive framework designed to protect the confidentiality, integrity, and availability of our web and mobile services.
Infrastructure & Data Residency
School Jotter is a cloud-native platform built on Amazon Web Services (AWS), providing world-class infrastructure security.
- Compliance Standards: Webanywhere maintains ISO 9001 and Cyber Essentials certifications, demonstrating our commitment to operational quality and cyber security best practices. Furthermore, our underlying hosting provider, AWS, is certified to ISO 27001, SOC 1/2/3, and PCI DSS Level 1 standards.
- Physical Security: AWS maintains rigorous physical access controls, including biometric scanning and 24/7 on-site security at all data floors.
Network Security & Isolation
We employ a comprehensive strategy to isolate data from external threats.
- Virtual Private Cloud (VPC): The platform environment is isolated within a VPC, creating a private logical network segregated from the public internet.
- Edge Protection: We utilise AWS Shield for always-on monitoring and automatic mitigation of DDoS attacks. This ensures the availability of our services by filtering malicious traffic and prioritising authorised requests at the network edge.
- Access Control: Only authorised Webanywhere engineers have access to production environments, and all administrative activity is auditable.
Data Encryption
Encryption is integrated at every layer of the platform to prevent unauthorised data interception.
- In Transit: Data moving between browsers, mobile apps, and our servers is encrypted via SSL/TLS protocols.
- Secure Transport Enforcement (HSTS): We enforce HTTP Strict Transport Security (HSTS) to guarantee that web browsers interact with our platform exclusively over secure, encrypted HTTPS connections, protecting against protocol downgrade attacks.
- At Rest: Data stored in our databases is protected using industry-standard AES-256 encryption, ensuring data remains unreadable even if physical storage is compromised.
Resilience & Performance
Our platform is designed for high availability, rapid recovery, and consistent performance across typical and peak usage scenarios.
- Elastic Autoscaling: To handle fluctuating traffic, our infrastructure automatically scales resources up or down in real time. This ensures the platform remains responsive regardless of the number of concurrent users.
- Automated Backups: Daily backups are performed and stored in geographically redundant locations to ensure rapid restoration in the event of an incident.
- Proactive Patching: We maintain a rigorous schedule for server and software updates, ensuring all systems are protected against the latest known vulnerabilities.
- Penetration Testing: We conduct regular vulnerability scans and periodic third-party penetration testing to validate our security posture.