Security Questions

Owned by Brooke Noble
Last updated: Dec 05, 2024
2 min read

How is Authentication managed? 

For schools using Synergetic Cloud, it is expected that the school will provide a cloud-based identity provider that uses modern authentication protocols, such as Microsoft Entra ID, for accessing the Windows client, SynWeb, and the Community Portal.

Synergetic Cloud uses FusionAuth, a third party Customer Identity and Access Management (CIAM) platform to provide a consistent authentication layer between Schools' IDP and Synergetic cloud-hosted applications. The use of FusionAuth is relatively invisible to schools, and the migration / onboarding team will provide you with the technical details required to connect your IDP to Synergetic. 

Given the sensitivity of the data stored in Synergetic, we highly recommend that MFA is set to challenge every Synergetic user at login, regardless of role and location. 

Further information here 

Please note that if you access Payroll, then ATO requires that any user with access to payroll information (including their own) must be required to enable multifactor authentication. This will need to be managed within your identity provider. 

What data security is in place with Hosting? 

Synergetic Cloud leverages AWS's robust security infrastructure, including:  

  • Secure by Design Infrastructure: AWS's infrastructure is designed with security as a priority, leveraging deep automation and over 300 cloud security tools. 

  • 24/7 Monitoring: The infrastructure is continuously monitored for security threats and vulnerabilities.  

  • Enterprise-Grade Security and Encryption: Synergetic Cloud benefits from AWS's enterprise-grade security protocols and encryption technologies, ensuring data protection. 

  • Automated Incident Response: AWS has automated incident response capabilities to mitigate threats quickly and efficiently.  

In addition to AWS's security measures, Education Horizons will manage security updates, patching, and other security-related tasks to ensure a secure environment.  

Can I still store credit card information in Synergetic? 

Storing payment method details in Synergetic is not supported in Synergetic Cloud, and we strongly recommend against this for on premise schools as well. The Stripe and NAB Transact payment gateways provide a safe way to store a “token” or reference to a payment method, which is stored externally to Synergetic.