TypedChrono

Security First

SchoBase is built with security at its core. From encryption to compliance, we protect your data at every level.

Our Security Commitment

Encryption Everywhere

All data is encrypted in transit (TLS 1.3) and at rest (AES-256-GCM) with industry-standard cryptography.

Access Control

Role-based access control (RBAC) with fine-grained permissions and multi-factor authentication support.

Audit Logging

Comprehensive audit trails for all database operations with tamper-proof log storage and SIEM integration.

Infrastructure Security

Defense-in-depth architecture with network isolation, firewalls, and intrusion detection systems.

Compliance Ready

Built to support GDPR, HIPAA, SOC 2, ISO 27001, and industry-specific standards like IEC 62443.

Vulnerability Management

Regular security audits, dependency scanning, and a responsible disclosure program for vulnerabilities.

Encryption & Data Protection

Data at Rest

  • AES-256-GCM encryption for all stored data
  • Key Management: AWS KMS, Azure Key Vault, or HashiCorp Vault
  • Automatic key rotation every 90 days
  • Encrypted backups with separate encryption keys

Data in Transit

  • TLS 1.3 for all API connections
  • Mutual TLS (mTLS) for device authentication
  • Perfect forward secrecy with modern cipher suites
  • Certificate pinning for mobile/IoT clients

Compliance & Certifications

SchoBase helps you meet regulatory and industry compliance requirements.

GDPR

EU General Data Protection Regulation compliance with data residency, right to erasure, and data portability.

  • Data residency controls
  • Automated data deletion
  • Export in standard formats

HIPAA

Healthcare data protection with PHI encryption, access controls, and audit logging.

  • PHI encryption at rest/transit
  • Comprehensive audit logs
  • BAA available for customers

SOC 2 Type II

Third-party audited controls for security, availability, and confidentiality.

  • Annual audits
  • Security controls verified
  • Reports available to customers

ISO 27001

International standard for information security management systems.

  • ISMS implementation
  • Risk assessments
  • Continuous improvement

IEC 62443

Industrial automation and control systems security standard.

  • OT network segmentation
  • Defense in depth
  • Security zones & conduits

NERC CIP

Critical Infrastructure Protection for the North American power grid.

  • Access control & logging
  • Change management
  • Incident response

Security Best Practices

1. Network Security

Implement defense-in-depth with proper network segmentation:

  • Deploy SchoBase in a dedicated VLAN or subnet
  • Use firewalls to restrict access to necessary ports only
  • Implement IDS/IPS for intrusion detection
  • Separate IT and OT networks (for industrial deployments)
  • Use VPN or zero-trust network access for remote connections

2. Authentication & Authorization

Follow the principle of least privilege:

  • Enable multi-factor authentication (MFA) for all users
  • Use service accounts with minimal permissions for applications
  • Rotate credentials regularly (every 90 days recommended)
  • Integrate with your enterprise SSO/SAML provider
  • Regularly audit user permissions and remove inactive accounts

3. Data Protection

Protect sensitive data at every layer:

  • Enable encryption for all data (in transit and at rest)
  • Use field-level encryption for PII/PHI data
  • Implement data retention policies and automated deletion
  • Run regular automated backups with offsite storage
  • Test backup restoration procedures quarterly

4. Monitoring & Incident Response

Stay vigilant with continuous monitoring:

  • Enable comprehensive audit logging
  • Integrate logs with your SIEM system
  • Set up alerts for suspicious activity
  • Maintain an incident response plan
  • Conduct regular security reviews and penetration tests

Responsible Disclosure Program

We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly:

How to Report:

  1. Email security@schobase.dev with details of the vulnerability
  2. Include steps to reproduce, impact assessment, and any proof-of-concept
  3. Give us reasonable time to address the issue before public disclosure
  4. Do not access or modify user data beyond what's necessary to demonstrate the vulnerability

Our Commitment:

  • Acknowledge within 24 hours
  • Provide timeline for fixes
  • Credit researchers (if desired)
  • No legal action for good-faith research

Bug Bounty:

  • Rewards for qualifying vulnerabilities
  • $100 - $5,000 based on severity
  • Recognition in Hall of Fame
  • Swag for all valid reports

Questions About Security?

Our security team is here to help. Contact us for security audits, compliance documentation, or custom security requirements.