UNOX Portal
UNOX PortalSecurity

Security

Built secure from the ground up.

Exam and student data is among the most sensitive information an institution holds.

Every UNOX deployment is protected with enterprise-grade controls at every layer: from transport encryption to full audit trails.

SHA-2

Encryption standard

TLS 1.3

Transport security

100%

Action audit coverage

SHA-2 EncryptionTLS 1.3 TransportOTP AuthenticationISO-aligned100% Audit Coverage

Architecture

Security at every layer.

Protection is not a single control. Every UNOX deployment enforces independent security measures at transport, application, and audit levels simultaneously.

01

Transport Security

All data moving between users and the platform is encrypted in transit. TLS 1.3 is enforced on every connection with no fallback to older protocols.

TLS 1.3 enforcedHTTPS everywhereNo protocol downgrade
02

Application Security

Exam content and student data are encrypted at rest using SHA-2. Every login requires OTP verification, and role-based access control limits what each user can see or do.

SHA-2 at restOTP at login and submissionRBAC across all modules
03

Audit and Compliance

Every login, action, and data change generates a tamper-evident audit record. Results are sealed with digital approval signatures and cannot be altered after release.

100% action coverageTamper-evident recordsDigital approval signatures

Security architecture

Protection at every layer.

Data Encryption

  • SHA-2 encryption for all exam content in transit and at rest
  • TLS 1.3 enforced across all client-server communication channels
  • Encrypted database storage with per-institution key isolation
  • Zero plain-text storage of credentials, answers, or sensitive responses

Access Control

  • Role-based access control (RBAC) enforced across every module
  • OTP authentication required at exam login and script submission
  • Session timeout and automatic logout enforced on inactivity
  • Exam-specific access windows with configurable IP address restrictions

Infrastructure Security

  • Cloud-hosted on hardened infrastructure with regular penetration testing
  • Firewall rules and intrusion detection systems active at all times
  • Automated daily backups with point-in-time recovery capability
  • Data residency options available for local compliance requirements

Compliance and Auditing

  • Full audit trail for every login, action, and data change in the system
  • Tamper-evident exam result records with digital approval signatures
  • Support for institutional data governance and information security policies
  • Regular third-party security assessments and vulnerability reviews

Need our security documentation?

Contact us for the full security whitepaper, data processing agreements, and compliance documentation.

Request documentation