Att: Security 

Security Features

Efficient collaboration depends on the right information being shared with the right people at the right time – and knowing it’s shared securely. Stratforge ensures sensitive company and customer information remains secure with enterprise-ready security features and compliance with various industry and cloud service standards.

→ Data encryption in transit and at rest
→ Single sign-on via industry-standard authentication protocols
→ Granular app management
→ Support for Enterprise Mobility
→ Complete Audit Trail, Logs
→ Message Retention & Controls
→ Enterprise ACL
→ Support for two-factor authentication
→ Encryption of data in transit and at rest

Compliance and Accreditation

 

 

ISO

International Organization for Standardization (ISO):

→ ISO/IEC 27001: Information Security Management System
→ ISO 9001:2015 - Quality management systems

SOC 

SSAE 18/ISAE 3000 Service Organization Control (SOC):

→ SOC 2, Type 1 (Security, Confidentiality, and Availability) - Certified

→ SOC 2, Type 2 (Security, Confidentiality, and Availability) - Mapped and Ready 

 

 

Others

Additionally, Stratforge has taken extensive steps to meet specific regulatory and industry compliance requirements with our platforms. 

→ CCPA
→ GDPR

Trust

Organizations use our platforms as their secure and accountable infrastructure to maximize the utility of their data while making sure that it's processed in accordance with the rules, regulations, and norms that govern data privacy.

Stratforge & the EU General Data Protection Regulation (GDPR)

Stratforge is committed to helping our users understand the rights and obligations under the General Data Protection Regulation (GDPR), which took effect on May 25, 2018. We have introduced tools and processes to ensure our compliance with requirements imposed by the GDPR and to help our customers comply as well.

Highlights

Disaster Recovery & BCP

We maintain a Disaster Recovery plan that supports a robust business continuity strategy.

External Security Assessments

Attestation of penetration tests and security assessments performed by third parties.

Internal Security Best Practices

Implementation of the best practices identified and adopted. Powerful internal data security program in place.

Financial Services Compliance

How Stratforge helps support financial service institutions with regulatory requirements.

PCI DSS

How Stratforge helps support financial service institutions with regulatory requirements.

GDPR

We have introduced tools and processes to ensure our compliance with requirements imposed by the GDPR.

Access Controls

Role-based access through IAM with ACL matrix, two-factor authentication and end-to-end audit trails.

Encryption

AES 256-bit encryption with 1,024-bit key strength for data at rest and TLS encryption for data in transit.

Incident Management

Procedures for reporting incidents, and timely tracking, investigation and resolution.

Security Operations

EW Detection, containment, and addressing of suspect or actual security incidents.

Cross Geo Redundancy

Multiple Availability Zones serve customers, thereby providing seamless DR capability.

Data Backup

Near real-time backups taken across multiple availability zones in highly secure containers.

Redundancy

Stratforge employs service clustering and network redundancies to eliminate single points of failure.

Secure development

Testing & staging are separated physically & logically from the production environment.

Intrusion Detection and Prevention 

Application data flow ingress and egress points are monitored with Intrusion Detection & Prevention Systems.

Security Incident Response 

In case of a system alert, 24/7 teams providing Operations, Network, & Security coverage take over.

Disaster Recovery & BCP

Stratforge maintains a Disaster Recovery plan that supports a robust business continuity strategy for the production services and platforms. This plan has been developed from industry-accepted methodologies and encompasses principles of high-availability engineering. The Disaster Recovery plan is constantly measured against strict regulatory and governance requirements, and is a crucial part of the acceptance plan when making changes or additions to the production environment. 

Stratforge Policies & Procedures

Email for Stratforge Policies & Procedures

legal@stratforge.com