Security & Infrastructure

Highlights

  • U.S.-Hosted Microsoft Azure Infrastructure
  • Encryption in Transit and at Rest
  • Mandatory Multi-Factor Authentication
  • Optional Single Sign-on
  • Independent Security Testing
  • TX-RAMP Level 2 Certified

CleryEdge is designed to protect the confidentiality, integrity, and availability of institutional compliance data. Our security program incorporates modern encryption practices, secure cloud infrastructure, strong access controls, and ongoing testing to safeguard the information entrusted to us.

CleryEdge is TX-RAMP Level 2 certified, demonstrating alignment with rigorous security standards required for cloud services supporting government and higher education institutions.

Secure Cloud Infrastructure

CleryEdge is hosted exclusively in U.S.-based Microsoft Azure data centers, which provide enterprise-grade physical and environmental security. Azure facilities maintain multiple layers of protection, including:

  • Controlled perimeter security
  • Biometric access controls
  • Continuous facility monitoring
  • Environmental and power redundancy
Azure infrastructure complies with numerous internationally recognized standards, including ISO/IEC 27001, SOC 1, SOC 2, SOC 3, HIPAA, and FedRAMP.

Data Encryption

All CleryEdge data is protected using modern encryption standards.

  • Data in Transit: All communications between users, the application, and backend services are protected using Transport Layer Security (TLS) encryption.
  • Data at Rest: CleryEdge databases use Transparent Data Encryption (TDE) with AES encryption to protect stored data.
These controls ensure institutional records remain protected both while transmitted and while stored.

Identity & Access Controls

Access to CleryEdge is governed through a role-based permissions model managed by each institution. Security controls include:

  • Mandatory multi-factor authentication (MFA) for all users
  • Optional Single Sign-On (SSO) integration with institutional identity providers
  • Configurable user roles and permissions
  • Secure authentication workflows
These controls allow institutional customers to manage access in accordance with their internal security policies.

Security Testing & Monitoring

CleryEdge undergoes ongoing security testing and monitoring to help identify and remediate potential vulnerabilities. Our security program includes:

  • Regular internal and external vulnerability assessments
  • Independent penetration testing
  • Continuous monitoring of system activity
  • Prioritized remediation of identified issues
Security testing and system monitoring are integrated into our broader secure development and operational practices.

Payment Processing

CleryEdge does NOT store, process, or transmit credit card information. All credit card payment transactions are processed through Stripe, a third-party provider that maintains full PCI-DSS compliance.

Data Protection & Backup Practices

CleryEdge has never experienced a data loss incident. Institutional data is protected through layered safeguards designed to maintain system integrity and support continuity of operations. These safeguards include:

  • Encrypted storage of application data
  • Daily system backups with rolling retention
  • Alignment with documented disaster recovery practices