Security Overview

Security is not a feature at UpperClass; it is the foundation of our platform. Whether you are a university managing enrollment data or a creator building your professional portfolio, we employ multi-layered security protocols to keep your information secure.

Infrastructure & Encryption

• Data in Transit: All communication between your browser and our servers is encrypted using TLS 1.2 or higher, ensuring that your data cannot be intercepted.
• Data at Rest: We use industry-standard AES-256 encryption to protect sensitive information stored in our databases.
• Cloud Security: Our infrastructure is hosted on world-class, SOC 2 Type II compliant cloud providers, offering 24/7 physical security and environmental protections.

Access Control & Authentication

• Identity Management: We support Multi-Factor Authentication (MFA) to add an extra layer of protection to your account.
• Least Privilege Access: Only essential UpperClass personnel have access to internal systems, and all access is logged and audited.
• Secure API: Our API is built with modern authentication tokens to ensure that integrations with brands and institutions remain airtight.

Proactive Protection

• Vulnerability Scanning: We conduct regular automated scans and periodic manual penetration tests to identify and remediate potential threats.
• Incident Response: We maintain a dedicated incident response plan to ensure that in the unlikely event of a security breach, we can act quickly to protect our community and fulfill notification requirements.

Security for Creators & Institutions

• For Creators: We verify brand partnerships to prevent phishing and fraudulent "offers."
• For Institutions: We ensure our data handling meets the compliance needs of university IT departments and registrar offices.