ClubConnect is built on an institutional-grade security framework that prioritizes the privacy of our student communities. We employ industry-standard encryption, granular access controls, and transparent auditing to ensure a safe operational environment.
99.9% Uptime SLA
Our infrastructure is hosted on globally distributed cloud nodes, ensuring that security patches and system updates never disrupt your club operations.
1. Data Protection & Encryption
We treat all data flowing through ClubConnect with the highest level of sensitivity, employing multi-layered encryption protocols.
- In-Transit: All data is encrypted in transit using TLS 1.3, ensuring that information remains private between your browser and our servers.
- At-Rest: Sensitive database fields (such as financial records and personal identifiers) are encrypted using AES-256.
- Backups: Encrypted system backups are performed daily with 30-day point-in-time recovery capabilities.
2. Access Control & Authorization
Our authorization model is built on the principle of least privilege, ensuring users can only access the data required for their specific roles.
- Authentication: We leverage Google OAuth via GITAM Workspace, ensuring that your existing university credentials are the sole entry point.
- Row-Level Security: We use Supabase RLS (Row-Level Security) to enforce access policies directly at the database level, so that API queries cannot reach rows the caller is not authorized to access.
- Role-Based Access: Specific permissions are mapped to roles (Club Lead, Member, Administrator) to prevent lateral movement and data leakage.
3. Network & Infrastructure
ClubConnect utilizes enterprise-grade cloud providers to manage our physical and network-level security.
- DDoS Protection: Automated mitigation layers prevent distributed denial-of-service attacks from impacting platform availability.
- Managed Firewalls: Traffic is filtered through strictly controlled web application firewalls (WAF) to block malicious requests, including attacks that target OWASP Top 10 vulnerabilities.
- Environment Isolation: Development, staging, and production environments are strictly isolated to prevent data contamination during system upgrades.
4. Privacy & Compliance
We are committed to the highest standards of data privacy, specifically tailored to the GITAM ecosystem.
- Data Residency: All student and club data is stored in secure Indian cloud regions (AWS Mumbai) to comply with institutional requirements.
- No Tracking: We do not use third-party marketing trackers or sell student data to external vendors. Every interaction remains strictly internal to the university.
- DPDP Preparedness: Our architecture is designed with the Digital Personal Data Protection (DPDP) Act in mind, offering students clear paths to data rectification and deletion.
5. Vulnerability Disclosure
We value the security research community, especially within the GITAM student body. We encourage responsible disclosure of any discovered vulnerabilities.
If you believe you have found a security vulnerability in ClubConnect, please report it to us by emailing security@oneriki.in. We strive to acknowledge all reports within 48 hours.
