Att: Security
Security Features
Efficient collaboration depends on the right information being shared with the right people at the right time – and knowing it’s shared securely. Stratforge ensures sensitive company and customer information remains secure with enterprise-ready security features and compliance with various industry and cloud service standards.
→ Data encryption in transit and at rest
→ Single sign-on via industry-standard authentication protocols
→ Granular app management
→ Support for Enterprise Mobility
→ Complete Audit Trail, Logs
→ Message Retention & Controls
→ Enterprise ACL
→ Support for two-factor authentication
→ Encryption of data in transit and at rest
International Organization for Standardization (ISO):
→ ISO/IEC 27001: Information Security Management System
→ ISO 9001:2015 - Quality management systems
SSAE 18/ISAE 3000 Service Organization Control (SOC):
→ SOC 2, Type 2 (Security, Confidentiality, and Availability) - Mapped and Ready
Additionally, Stratforge has taken extensive steps to meet specific regulatory and industry compliance requirements with our platforms.
→ CCPA
→ GDPR
Organizations use our platforms as their secure and accountable infrastructure to maximize the utility of their data while making sure that it's processed in accordance with the rules, regulations, and norms that govern data privacy.
Stratforge is committed to helping our users understand the rights and obligations under the General Data Protection Regulation (GDPR), which took effect on May 25, 2018. We have introduced tools and processes to ensure our compliance with requirements imposed by the GDPR and to help our customers comply as well.
We maintain a Disaster Recovery plan that supports robust business continuity strategy.
Attestation of penetration tests and security assessments performed by third parties.
Implementation of the best practices identified and adopted. Powerful internal data security program in place.
How stratforge helps support financial service institutions with regulatory requirements.
How stratforge helps support financial service institutions with regulatory requirements.
We have introduced tools and processes to ensure our compliance with requirements imposed by the GDPR.
Role-based access through IAM with ACL matrix, two-factor authentication and end-to-end audit trails.
AES 256 bit encryption with 1,024 bit key-strength for data at Rest and TLS encryption for data in transit.
Procedures for reporting incidents, and timely tracking, investigation and resolution.
EW Detection, containment, and addressing of suspect or actual security incidents.
Multiple Availability Zones serves customers thereby providing seamless DR capability.
Near real-time backups taken across multiple availability zones in highly secure containers.
Stratforge employs service clustering and network redundancies to eliminate single points of failure.
Testing & staging are separated physically & logically from the production environment.
Application data flow ingress and egress points are monitored with Intrusion Detection & Prevention Systems.
In case of a system alert, 24/7 teams providing Operations, Network, & Security coverage takes over.
Stratforge maintains a Disaster Recovery plan that supports a robust business continuity strategy for the production services and platforms. This plan has been developed from industry-accepted methodologies and encompasses principles of high-availability engineering. The Disaster Recovery plan is constantly measured against strict regulatory and governance requirements, and is a crucial part of the acceptance plan when making changes or additions to the production environment.
Email for Stratforge Policies & Procedures