Security

Security starts with tenant isolation, route boundaries, and role-aware access.

Because SchoolPilot is a multi-tenant school platform, security cannot depend on surface-level interface checks alone. The product is designed around school-specific boundaries and role-specific visibility from the start.

Tenant boundaries

Every tenant school is scoped independently. Routing, school context, and school-level data access are all shaped around preventing one tenant from crossing into another tenant’s records.

Role-aware access control

The platform separates what staff, parents, students, and platform operators can do. Within school staff usage, role distinctions matter further because not every operational role should see or edit everything.

Public route control

Public pages and public utilities are intentionally limited. Root-domain marketing pages, tenant landing pages, and carefully scoped public utilities are treated differently from authenticated school operations.

Workflow consistency

Security is also strengthened by reducing duplicated manual workflows. When records and outputs are generated from connected product flows instead of disconnected manual handoffs, the risk of inconsistency and leakage drops.

Tenant boundaries

Every tenant school is scoped independently. Routing, school context, and school-level data access are all shaped around preventing one tenant from crossing into another tenant’s records.

This is fundamental for a shared SaaS environment where many independent schools operate on the same platform foundation.

Role-aware access control

The platform separates what staff, parents, students, and platform operators can do. Within school staff usage, role distinctions matter further because not every operational role should see or edit everything.

That structure reduces accidental exposure and limits operational access to what a person actually needs to do their work.

Public route control

Public pages and public utilities are intentionally limited. Root-domain marketing pages, tenant landing pages, and carefully scoped public utilities are treated differently from authenticated school operations.

This reduces the risk of turning public routes into unbounded entry points for private school data.

Workflow consistency

Security is also strengthened by reducing duplicated manual workflows. When records and outputs are generated from connected product flows instead of disconnected manual handoffs, the risk of inconsistency and leakage drops.

That is especially important for billing records, student records, communication history, and academic result publication.