Secure and private by default

All data transferred between the client and Orah is encrypted using industry standard TLS (Transport Layer Security). Any non-secure requests are automatically redirected to the secure port. Data is also encrypted while at rest when stored on our servers.

Our servers are located within enterprise-grade hosting facilities that employ robust physical security controls. These controls include 24/7/365 monitoring and surveillance, on-site security staff and regular ongoing security audits.

We take a "defense in depth" approach to protecting our system and customer data. Multiple layers of security controls, including security group firewalls, routers and Access Control Lists are implemented according to industry best practice and AWS recommendations. We also leverage the expertise of certified cloud consultants to review our system regularly

Orah automatically backs up all of your data every 24 hours. So if an unlikely event occurs, we can recover your data and keep your school running.

Orah operates 11 availability zones within 3 geographic regions around the world. Schools can choose to save their data in any one of these three regions. This can help schools to comply with each of their countries data sovereignty regulations which may discourage them from storing data outside their country or economic zone.

All client access into Orah requires authentication through username and password, with access being revoked after a preset timeout.

In Orah, you can restrict access and permissions for different users to protect the privacy of your students. You can also end all sessions, suspend and delete users from the admin console.

Orah boasts a consistent availability above 99.95% over the last 12 months. Customer data is 100% backed up to multiple online replicas with additional snapshots and other backups.