Infinite Campus security is evident throughout the system and accommodates users in a true multi-user modality. Because Infinite Campus is a multiple tier system, it employs an advanced object-based security model that is role and function-based. Individual stakeholders are assigned one or more login password identities. Stakeholders can be assigned to more than one group providing true multi-user modality. When a stakeholder logs in with a particular identity, they see only the tools they have been assigned and only the data that the Infinite Campus business logic associates with those tools.

States and district administration personnel determine what types of groups Infinite Campus will manage. For example teachers, attendance clerks or guidance counselors can be assigned group rights. The state or district can then define what system rights each group type will be allowed under each system’s functionality including read, write, add or delete capabilities. These permissions allow users to access the student management system and if allowed they can post new data to the database via a Web browser.

The system administrators can add or remove these rights by group through an easy-to-use checkbox list managed within the system admin section of the product. Security can be established at login, sub-system, application, file, field and user levels. Users are assigned security rights when they are hired and added to the Infinite Campus through a district assignment.

Infinite Campus recently was audited Department of Interior's Bureau of Indian Education, a Campus customer, for security approval meeting the National Institute of Standards and Technology. These security control standards are required for federal information system installations including the Department of Defense. Infinite Campus was required to meet the 19 steps listed on form 800-53 which is located at: http://csrc.nist.gov/publications/nistpubs/800-53-Rev1/800-53-rev1-annex3-sz.pdf