User data is always encrypted at rest, responsibly stored, and transmitted securely. This includes the use of TLS/SSL protocols, 256-bit AES data encryption, API call-level authentication, and modern DDoS mitigation controls.

Our architecture is designed to be highly available with replicas in different regions. Our architecture and monitoring systems allows us to guarantee uptime of at least 99.9% or better ensuring reliable service for you and your community.

Grafted provides an array of single sign-on (SSO) options to ensure your users can enjoy safe, simple access to the platform from any secure identity or device. Our authentication process includes but is not limited to the following protocols: OpenID Connect (OIDC), G-Suite, Azure AD, Active Directory LDAP, SAML and Shibboleth.

Grafted is designed to enable complete FERPA, NCAA, GDPR and ISO-27001 compliance standards. We give students clear and easy methods to control of their information at all times. We implement the appropriate Data Processing Agreements and are committed to an ongoing analysis and incorporation of approved GDPR standards.