A cartoon illustration of a basset hound dog with droopy ears, a brown and white coat, standing on all four legs, looking upward.

Security

Courso is built with security, privacy, and reliability at its core. Our platform is hosted on Amazon Web Services (AWS), a globally trusted cloud infrastructure provider used by governments and large enterprises worldwide.

Courso operates separate staging and production environments on AWS. AWS data centres are protected by multiple layers of physical and operational security, including 24×7 monitoring, biometric access controls, and video surveillance. AWS maintains independent third-party certifications including SOC 1, SOC 2, and SOC 3.

AWS security practices are publicly documented at:

https://aws.amazon.com/security

Enterprise & Government Assurance

Courso is designed to support the security, privacy, and governance needs of enterprise and public sector organisations.

Our platform is built on Amazon Web Services (AWS) and follows security-by-design principles across infrastructure, access control, and data handling. We apply least-privilege access, environment separation, and industry-standard encryption to protect customer data.

Courso supports organisational requirements around:

  • Data residency in Australia, with transparent disclosure where supporting services operate outside the primary region

  • Strong access controls, including role-based access, two-factor authentication, and enterprise SSO

  • Alignment with widely recognised security and privacy frameworks used across New Zealand and Australia

We regularly work with councils, government agencies, and large organisations, and provide security, privacy, and compliance information to support procurement, risk assessment, and internal assurance processes.

For customers with enhanced governance or regulatory needs, additional documentation and security information can be provided on request.

Frequently Asked Questions

  • Courso is hosted primarily in AWS data centres located in Sydney, Australia.

    Some supporting AWS services operate from Oregon, USA, where equivalent services are not currently available in the Sydney region.

    Courso also uses AWS CloudFront, a global content delivery network, to securely deliver content with low latency worldwide.

    More information on AWS security can be found at:

    https://aws.amazon.com/security

  • Access to Courso infrastructure is strictly limited to authorised personnel who require it to perform their role. Access is controlled, logged, and regularly reviewed. Customer data confidentiality is maintained at all times.

  • AWS infrastructure is housed in Amazon-controlled data centres. Physical access to these facilities is tightly restricted, and the exact locations are disclosed only to authorised AWS personnel with a legitimate business need.

  • Yes. All data in transit between users and Courso, and between internal services, is encrypted using industry-standard TLS/SSL encryption.

  • Courso relies on AWS infrastructure, which is independently certified against a wide range of international standards, including:

    • ISO 27001

    • SOC 1 and SOC 2 (SSAE 16 / ISAE 3402)

    • PCI DSS Level 1

    • IRAP (Australia)

    AWS also supports compliance with relevant privacy and data protection frameworks in New Zealand and Australia.

    More details are available at:

    https://aws.amazon.com/compliance

  • Courso provides the following user-level security controls:

    • Two-factor authentication (2FA) for all users

    • Single Sign-On (SSO) for enterprise customers

    These capabilities are implemented using industry-standard security protocols.

Ready to get started?

Start a 14-day free trial and explore Courso with confidence.

Get Started for Free ➔

No payment required until you subscribe.