An increasing number of public administrations, universities and official bodies are using Moodle to manage their online training. These platforms store the personal data of thousands of users, academic information, assessments, certificates and even internal documentation.
But what guarantees that all that information is protected?
The answer lies in the National Security Framework (ENS), a set of requirements that public authorities and the technology providers working with them must meet in order to ensure information security.
If your organisation uses Moodle or is considering implementing a training platform for a public body, it is essential to understand what the ENS is.
What is the National Security Framework (ENS)?
The National Security Framework (ENS) is the regulatory framework that sets out the principles, requirements and security measures to be applied by Spanish public administrations and the companies that provide them with technology services.
Its aim is to ensure that information systems are:
- Available whenever you need them.
- Intact, preventing unauthorised modifications.
- Confidential: protecting sensitive information.
- Authentication, verifying the identity of users and systems.
- Traceable, recording the actions carried out.
In other words, the ENS sets out how information should be protected in order to minimise risks and ensure service continuity.
What is the relationship between the ENS and Moodle?
A Moodle platform usually manages far more information than it appears to. Depending on the type of organisation, it may store:
- Personal data of students and staff.
- Assessment records and results.
- Training certificates.
- Information on professional skills.
- Internal content of a confidential nature.
- Activity and access logs.
Where this information belongs to a public administration or a body working on its behalf, the system must comply with the security requirements laid down by the ENS.
It is not just about the Moodle software itself, but the whole environment surrounding it: the infrastructure, hosting, backups, access controls, monitoring and incident management.

What does working with an ENS-certified supplier involve?
Choosing a certified provider means working with an organisation that has demonstrated that it implements security measures in line with the requirements set by the National Cryptology Centre (CCN).
This involves aspects such as:
- Risk management.
- Access control.
- Data protection.
- Service continuity.
- Incident management.
- Regular audits.
- Continuous improvement of security measures.
Beyond regulatory compliance, it provides a guarantee that safety is an integral part of the supplier’s work processes.
3ipunt’s commitment to safety
At 3ipunt, we have been working for many years with universities, public authorities and organisations that require secure and reliable training platforms.
We are therefore certified under the National Security Scheme (ENS), which confirms that our processes and services meet the security requirements necessary for working with public bodies.
This certification complements other quality and safety standards that are already an integral part of the way we work, such as ISO 9001, ISO 27001 and ISO 33000.
Our aim is not simply to deploy Moodle platforms, but to provide secure, scalable learning environments that are tailored to meet the requirements of each organisation.
Does your Moodle platform meet the security requirements?
If your organisation works with public authorities or handles sensitive information, it is important to check whether the platform complies with the requirements of the National Security Framework.
At 3ipunt, we help universities, public bodies and companies to implement, maintain and develop Moodle platforms, with full guarantees of security and regulatory compliance.




