Agora Tutoring - Legal Compliance and Cybersecurity Alignment
Project scope
Categories
Product management Cloud technologies Security (cybersecurity and IT security) Information technologySkills
cybersecurity compliance technical audit general data protection regulation (gdpr) next.js (javascript library) cyber security standards codebase websocket heroku apollo graphql data securityProject Objective
The primary objective of this project is to bridge the gap between Agora Tutoring’s legal policies and its technical implementation. Students will conduct a legal, cybersecurity, and technical audit to ensure the platform's infrastructure and codebase align with its stated Terms & Conditions (T&C) and Privacy Policy (PP). They will also implement necessary changes to move the platform closer to full legal compliance and cybersecurity readiness.
Project Goals
By the end of this project, learners will:
- Analyze Agora Tutoring’s T&C and PP in conjunction with its codebase and infrastructure to identify discrepancies.
- Assess the platform’s compliance with privacy laws (e.g., PIPEDA, GDPR) and cybersecurity standards.
- Implement improvements in the application to align with the findings.
- Lay the groundwork for Agora Tutoring to achieve comprehensive legal and cybersecurity compliance in the future.
Project Activities
To accomplish these goals, students will:
Policy Analysis
- Review and extract key obligations and promises from Agora Tutoring’s T&C and PP, focusing on user data handling, security commitments, and operational standards.
Application and Codebase Review
- Examine the application, backend (Express, Apollo GraphQL, Redis, MongoDB) and frontend (React, Next.js) technologies for compliance with the promises outlined in the legal documents.
Infrastructure Audit
- Evaluate the configurations of key infrastructure elements (Heroku, Redis Cloud, MongoDB Atlas) against stated security and data-handling claims in the policies.
Legal & Cybersecurity Assessment
- Analyze compliance with key regulations such as PIPEDA (Canada), GDPR, and cybersecurity best practices, identifying vulnerabilities and risks.
Implementation
- Modify and update code to:
- Align data-handling practices with T&C and PP.
- Address cybersecurity vulnerabilities (e.g., secure Websockets, data encryption).
- Improve technical configurations for secure data storage and transfer.
- Update the infrastructure configurations to reflect best practices for security and scalability.
Documentation
- Provide detailed documentation of changes, highlighting how they address identified gaps.
Roadmap
- Deliver a comprehensive report and live demonstration of the implemented changes.
- Develop a future execution plan
- Highlight areas based on critical tasks and ease of implementation
Direct involvement in project tasks, offering guidance, and demonstrating techniques.
Providing access to necessary tools, software, and resources required for project completion.
Scheduled check-ins to discuss progress, address challenges, and provide feedback.
Supported causes
Quality educationAbout the company
Executive Summary:
Agora Tutoring is an online marketplace akin to Kijiji, equipped with a map function similar to Uber, specializing in connecting students with local tutors for in-person educational sessions.
Company Overview:
Agora Tutoring is an online dedicated platform that connects students with local tutors for in-person educational sessions. By focusing exclusively on face-to-face interactions, Agora Tutoring aims to foster a more personalized and effective learning experience. The platform serves as a bridge between students seeking tailored educational support and independent tutors looking for meaningful teaching opportunities in their local areas.
Services:
Agora Tutoring provides a user-friendly web platform where students can search for and connect with tutors across a variety of subjects and educational levels. The service is designed to facilitate in-person tutoring engagements, enabling direct interaction and hands-on learning that virtual platforms cannot replicate.
Business Model:
Agora operates on a subscription-based model where users pay a monthly fee to access the platform and connect with tutors. Tutors, as independent contractors, set their own rates and schedules by connecting through Agora Tutoring. This model ensures a steady revenue stream for the platform while also providing tutors with a consistent flow of potential students.
Target Market:
The platform primarily targets students at all academic levels who prefer or require in-person tutoring to achieve their educational goals. This includes K-12 students, college students, and adult learners seeking professional development or personal enrichment in specific subjects. Parents looking for reliable and accessible tutors for their children are also a key demographic.
Strategic Goals:
Agora Tutoring aims to become the leading provider of in-person tutoring services within local communities. Strategic objectives include expanding its user base, increasing the number of tutors on the platform, and enhancing the overall user experience with features that make scheduling and session management more efficient for both students and tutors.
Competitive Advantage:
Agora Tutoring’s commitment to exclusively in-person tutoring sessions sets it apart in an era where virtual platforms are prevalent. This focus on local, face-to-face interactions not only improves learning outcomes but also builds a sense of community and trust among users. Additionally, the subscription model offers users unlimited access to potential tutoring, providing flexibility and value that single-session fees cannot match.