Trust Center
Security Roadmap
Current capabilities already in production, and future enhancements that extend them. Listed separately so planned work is not mistaken for missing fundamentals.
Overview
Priorities may shift based on customer needs, regulatory expectations and engineering capacity. The roadmap demonstrates direction, not a fixed delivery schedule.
Current Capabilities
Authentication & sessions
ImplementedCredential-based authentication with server-side session validation for protected access.
Role-based access control
ImplementedSchool-scoped roles and permissions that limit what staff and other users can view or change.
Encryption in transit and at rest
ImplementedHTTPS/TLS for client traffic and provider-managed encryption for database and storage at rest.
Operational logging & monitoring
ImplementedApplication and platform logging with health monitoring to support operations and incident response.
Managed backups
ImplementedDatabase backups through infrastructure providers to support recovery planning.
School (tenant) isolation
ImplementedLogical isolation so users from one school cannot access another school’s records.
Future Enhancements
Enterprise Multi-Factor Authentication
PlannedAdditional authentication factors for staff accounts beyond current credential-based authentication.
Enhancement 1 of 8
Single Sign-On
PlannedEnterprise SSO options so schools can authenticate with their identity provider.
Enhancement 2 of 8
Expanded Audit Analytics
PlannedRicher audit trails and reporting for sensitive administrative and security-relevant actions, building on existing operational logging.
Enhancement 3 of 8
Expanded Security Reporting
PlannedClearer in-product and Trust Center reporting for administrators and procurement teams.
Enhancement 4 of 8
Advanced Monitoring & Threat Detection
PlannedDeeper observability and improved detection of suspicious authentication and access patterns, extending current monitoring.
Enhancement 5 of 8
Additional Compliance Documentation
PlannedFurther questionnaires, evidence packs and policy artefacts for procurement programmes.
Enhancement 6 of 8
Feature Flags
PlannedSafer staged rollouts of security-sensitive features across school environments.
Enhancement 7 of 8
Granular Permission Improvements
PlannedFiner-grained roles and resource-level controls for complex school organisations, extending current RBAC.
Enhancement 8 of 8
Contact Security Team
Questions about security, privacy or procurement questionnaires.