Security

At KnowledgeFlex Technologies Pvt. Ltd., protecting customer data is a core engineering priority. We operate a defence-in-depth programme spanning infrastructure, application, and organisational controls.

Data encryption

All data is encrypted in transit using TLS 1.2+ and at rest using AES-256. Encryption keys are managed through a dedicated key-management service with strict access controls and rotation.

Infrastructure & hosting

• Hosting on enterprise cloud infrastructure with ISO 27001 and SOC 2 certified data centres.
• Network segmentation, firewalls, and continuous intrusion monitoring.
• Optional private-cloud and India data-residency deployment for enterprise customers.
• Automated backups with point-in-time recovery and tested restore procedures.

Access control

We enforce least-privilege access, single sign-on (SSO) with SAML/OIDC, multi-factor authentication, and role-based permissions. Administrative access to production is logged and reviewed.

Application security

• Secure development lifecycle with peer code review and dependency scanning.
• Regular third-party penetration testing and vulnerability assessments.
• A responsible-disclosure process for security researchers.

Monitoring & response

We maintain 24/7 monitoring, centralised logging, and a documented incident-response plan. In the event of a confirmed breach affecting personal data, we notify affected customers without undue delay and within the timelines required by law.

Compliance

Our controls are designed to support customer compliance with frameworks including SOC 2, ISO 27001, and applicable data-protection law. Compliance reports are available to enterprise customers under NDA.

Reporting a vulnerability

If you believe you have found a security issue, please email security@learniflex.com. We acknowledge reports promptly and work with reporters to resolve valid issues.