Gradcut is dedicated to ensuring the security of our customers and their data. As a cloud-based company responsible for safeguarding valuable data, particularly your organisational knowledge, we focus on maintaining robust security measures. Gradcut conducts regular penetration testing and encrypts data both at rest and during transit. Our customers trust us with their sensitive information, and maintaining its security is our top priority.
Reliable and Secure Infrastructure & Applications
Gradcut services and data are hosted in AWS and Linode facilities. Access to customer data is limited to authorised employees who require it for their job. Gradcut is served 100% over https. We have SAML Single Sign-on (SSO), 2-factor authentication (2FA), and strong password policies on GitHub, AWS, and Linode to ensure access to cloud services is protected.
Encryption
All personal and identifying data sent to or from Gradcut is encrypted in transit using 256-bit encryption. We encrypt data at rest using an industry-standard AES-256 encryption algorithm.
Pentests and Vulnerability Scanning
Gradcut employs third-party security tools to perform continuous vulnerability scans. Our dedicated security team promptly addresses any issues identified. Additionally, we engage external security experts annually to conduct thorough penetration tests on the Gradcut application and infrastructure.
Incident Response
Gradcut implements escalation procedures, rapid mitigation, and post-mortem procedures for handling security events. All employees are informed of our policies.
Secure Delivery Portal
OTP
OTP (One-Time Password) authentication enhances security by requiring users to enter a unique password sent to them at the time of login, in addition to their regular login credentials. This ensures that only authorised users can access the system, providing an extra layer of protection against unauthorised access.
PCI Obligations
All payments made to Gradcut go through our partner, Stripe. Details about their security setup and PCI compliance can be found on Stripe’s security page.
Our Team is Committed to Security
Employee Vetting
We conduct background checks on all new hires in compliance with local regulations, including employment verification and criminal checks.
Training
Every year, all employees participate in mandatory Security and Awareness training.
Policies
We maintain an extensive set of security policies that cover various aspects of our operations. These policies are regularly reviewed and updated, and all employees are kept informed.
Confidentiality
All employee agreements contain a confidentiality clause to ensure the protection of sensitive information.
Delivering personalised graduation videos while supporting education in developing communities.
Gradcut is a registered trading name of Edit on the Spot Pty Ltd.