Security at Agora
We understand that development organizations operate in volatile contexts where information security is vital. Agora is built on a foundation of zero-trust principles and enterprise-grade protection.
End-to-End Encryption
All data—from field intelligence signals to stakeholder CRM profiles—is encrypted at rest using AES-256 and in transit via TLS 1.3.
Zero-Knowledge Architecture
For highly sensitive field reports, Agora supports zero-knowledge client-side encryption, ensuring even our infrastructure cannot read your data.
Data Sovereignty
Choose where your data resides. We offer dedicated regional hosting in the EU, US, or specific African hubs to comply with local data regulations.
Enterprise IAM & SSO
Integrate seamlessly with your organization's identity provider via SAML 2.0 or OIDC. Enforce granular Role-Based Access Control (RBAC) across country teams.
Immutable Audit Logs
Every action, view, and export is recorded in tamper-evident audit logs, providing complete traceability for compliance and internal review.
Compliance & Certifications
Agora is designed to meet the stringent security requirements of UN agencies. We are actively pursuing ISO 27001 and SOC 2 Type II certifications.
Report a Vulnerability
We take security seriously. If you believe you have found a security vulnerability in our platform, please report it to our security team immediately.
Contact Security Team