Data Security
Junipa runs entirely on Google Cloud Platform in the Sydney region (australia-southeast1). All data remains within Australia.
Infrastructure
| Component | Platform | Security |
|---|---|---|
| Database | Firestore | AES-256 encryption at rest, per-tenant project isolation |
| File storage | Cloud Storage | AES-256 encryption at rest, signed URLs for access |
| Authentication | Firebase Auth | SSO, MFA, session management |
| Frontend | Cloud Run | Auto-scaling, HTTPS-only |
| Backend API | App Engine | Per-tenant GCP projects |
| Edge | Cloudflare | WAF, DDoS protection, CSP headers |
Encryption
- At rest: AES-256 (Google-managed encryption keys). All data in Firestore and Cloud Storage is encrypted automatically.
- In transit: TLS 1.3. All connections between browsers and Junipa, and between Junipa components, are encrypted.
Authentication
Junipa uses Firebase Authentication with multiple sign-in options:
- Single Sign-On (SSO): Microsoft Entra ID (Azure AD), Google Workspace, and SAML 2.0 providers
- Multi-factor authentication (MFA): Available for all accounts
- Session management: Configurable session timeouts
Schools control which authentication methods are available to their staff.
Access Control
Junipa enforces role-based access control (RBAC) at both the application and database layers:
| Role | Access |
|---|---|
| Teacher | Own students and assigned groups |
| Administrator | All students within their campus |
| Auditor | Read-only access across campus |
| Case Worker | Assigned student case notes |
Firestore Security Rules enforce these boundaries at the database level, independent of the application.
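
A sketch of how the role table above can be expressed as Firestore Security Rules, added here as an illustration and not Junipa's actual rules. The collection names (`students`, `caseNotes`), document fields (`campusId`, `teacherUids`, `caseWorkerUids`), custom claims (`role`, `campusId`) and the write permissions given to Teacher and Administrator are all assumptions.

```firestore-rules
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    // Assumed custom claims on the Firebase Auth ID token: role, campusId.
    // A missing claim makes the expression error out, which denies the request.
    function signedIn() { return request.auth != null; }
    function role() { return request.auth.token.role; }
    function sameCampus(data) {
      return signedIn() && request.auth.token.campusId == data.campusId;
    }
    // Teacher scope: the student document lists the teacher's uid
    // (assumed to cover both own students and assigned groups).
    function teachesStudent(data) {
      return role() == 'teacher' && request.auth.uid in data.teacherUids;
    }

    match /students/{studentId} {
      // Administrator and Auditor: any student within their campus.
      // Teacher: only students assigned to them.
      allow read: if sameCampus(resource.data)
        && (role() in ['administrator', 'auditor'] || teachesStudent(resource.data));

      // Auditor is absent from this rule, which is what makes the role read-only.
      // The campusId comparison stops a write from moving a record to another campus.
      allow update: if sameCampus(resource.data)
        && request.resource.data.campusId == resource.data.campusId
        && (role() == 'administrator' || teachesStudent(resource.data));

      match /caseNotes/{noteId} {
        // Case Worker: only notes under students assigned to them.
        allow read, write: if signedIn()
          && role() == 'caseworker'
          && request.auth.uid in
             get(/databases/$(database)/documents/students/$(studentId)).data.caseWorkerUids;
      }
    }
    // No other match blocks: every path not listed above is denied by default.
  }
}
```

Security Rules are not filters: a list query must itself be constrained to documents the rule allows (for example by `campusId`), otherwise the whole query is rejected rather than silently trimmed.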
Tenant Isolation
Each school operates in its own GCP project. This provides:
- Separate Firestore database per school
- Separate Firebase Authentication per school
- Separate Cloud Functions per school
- No shared data between schools at the infrastructure level
Multi-campus organisations use a separate org portal that connects to school instances via a secure handshake protocol.
Network Security
- Cloudflare WAF: Web Application Firewall in front of all traffic
- Content Security Policy (CSP): Restricts which external resources browsers can load
- HTTPS-only: HTTP requests are redirected to HTTPS
- API security: HMAC-SHA256 authentication, rate limiting, and audit logging on inter-service API calls
Backups
- Automated daily backups of all Firestore data
- 30-day backup retention
- Point-in-time recovery available
- Backups stored within the same GCP region (australia-southeast1)
Monitoring
- GCP Cloud Monitoring for uptime, error rates, and resource usage
- Cloudflare analytics for traffic patterns and threat detection
- Firebase Authentication anomaly detection
- Firestore audit logs for data access tracking