As cyber threats to the education sector grow more sophisticated, Xplor‘s Chief Security Officer Kevin Kanji explains why we consider robust technology safety as a fundamental obligation to families and educators alike.

In early childhood education, trust is paramount. Parents hand over not only their children each morning, but a wealth of sensitive personal information such as enrolment records, health details, payment data, and daily developmental updates. As more of that information moves through digital platforms, the question of how it is protected has become one of the most pressing issues facing the sector.

For Xplor Education, one of Australia’s leading early education technology platforms, security is not an obligation or a selling point; It is a foundational commitment.

“When a family shares their child’s information with a service using our platform, they’re placing an enormous amount of trust in both the provider and in us,” says Kevin Kanji, Chief Security Officer at Xplor Education. “Our mission is to make sure that trust is never broken. We strive to maintain that relationship by building security into everything we do. This is at the heart of our decision making – from the infrastructure we choose, to the way we design our software and support our customers.”

The Threat Landscape Facing Education Technology

Australia’s early childhood education sector has undergone a rapid digital transformation in recent years. Platforms like Xplor Education now sit at the centre of service operations; managing enrolments, CCS (Child Care Subsidy) processing, family communications, rostering, and payments. That breadth of functionality, while enormously valuable, also means these platforms hold significant volumes of sensitive data.

The Australian Cyber Security Centre (ACSC) has consistently identified education and childcare as a high-risk sector, with phishing, ransomware, and data breaches among the most reported incidents. Globally, attacks on education platforms have surged, with criminals recognising that many providers lack the internal resources to defend against sophisticated threats.

This is precisely why choosing a technology partner with enterprise-grade security practices matters so much. For early childhood services, the question isn’t just “does this software do what we need?” but “can we trust this partner to protect our families?”

AWS: The Infrastructure Powering Xplor Education’s Security

One of the cornerstones of Xplor Education’s security posture is its infrastructure, hosted on Amazon Web Services (AWS) – the world’s most widely adopted and trusted cloud platform, used by governments, banks, and healthcare providers worldwide.

By building on AWS, Xplor delivers a level of protection that individual early childhood services could not simply achieve on their own. This includes end-to-end encryption of data both at rest and in transit, continuous automated threat detection, and advanced firewall protections that guard against web-based exploits and denial-of-service attacks.

Critically for Australian providers, Xplor’s use of AWS means data can be stored and processed within Australian data centres – supporting compliance with the Privacy Act 1988 and the Australian Privacy Principles (APPs), which govern how personal information must be handled. This is a meaningful assurance for services operating under ACECQA frameworks and state regulatory requirements.

“Choosing AWS wasn’t just about scalability or reliability – although it delivers both in spades,” Kanji explains. “It was about giving our customers access to the same calibre of security infrastructure that our global products at Xplor, and the world’s most security-conscious organisations rely on. In Australia, that also means we can keep data onshore and meet the obligations our customers have under Australian privacy law.”

Single Sign-On: Simplifying Access Without Sacrificing Security

One of the more visible security features Xplor offers is Single Sign-On (SSO), which is a capability that might sound purely technical but has real, practical implications for services and their staff.

SSO allows educators and administrators to access Xplor’s suite of tools using a single set of verified credentials, rather than managing multiple usernames and passwords across different systems. The result is both a better user experience and a stronger security profile.

Weak or reused passwords remain one of the most common entry points for unauthorised access. SSO reduces that risk significantly by centralising authentication through secure identity providers, and it integrates seamlessly with multi-factor authentication (MFA), an additional layer of verification that makes it far harder for bad actors to gain access even if credentials are compromised.

For multi-site operators managing large teams, SSO also streamlines onboarding and offboarding, which ensures that when a staff member leaves, access can be revoked across all connected systems in a single action, closing a common security gap.

Technology Safety Tips for Early Childhood Services in Australia

While Xplor Education invests heavily in platform-level security, technology safety is a shared responsibility. Here are some practical steps Australian early childhood services can take to strengthen their own security posture:

Enable Multi-Factor Authentication (MFA)

Ensure MFA is activated for all staff accounts. It is one of the single most effective defences against unauthorised access.

Keep Software Updated

Outdated software is a leading cause of security vulnerabilities. Set operating systems, apps, and browsers to update automatically wherever possible.

Train Your Team Regularly

Phishing emails remain the most common way attackers gain access to systems. Run regular, brief training sessions so educators can recognise suspicious messages.

Use Long, Unique Passphrases and a Password Manager

Encourage staff to use a reputable password manager rather than reusing passwords across services.

Review Access Permissions

Periodically audit who has access to your platform and data. Remove permissions for staff who have left or changed roles.

Partner With Vendors Who Prioritise Security

When evaluating technology providers, ask questions such as, where is our data stored? How is it protected? What happens in the event of a breach? Look for providers who can speak clearly and confidently about their infrastructure, data residency practices, and incident response processes – not ones who treat security as fine print.

Security as a Shared Value

For Xplor Education, the investment in security infrastructure, from AWS hosting to SSO and continuous monitoring, reflects a broader philosophy: that technology in the early childhood sector must be held to the highest standards.

“We work with thousands of services across Australia and beyond, and every one of them is responsible for the wellbeing of the children and families in their care,” Kanji says. “We see our role as giving those services the tools and the confidence to do that job, knowing that the technology underpinning their operations is as safe and secure as it can possibly be.”

As the sector continues to evolve and digital adoption deepens, that commitment will only grow in importance. For families, educators, and service leaders alike, knowing that their data is protected is the baseline expectation. Xplor Education is working every day to meet it.

sallitrump Profile Picture

by Xplor Education Team

  • First published: 16 June 2026

    Written by: sallitrump