Secure your workspace with Stash Hunt™
14 Apr, 2024
Your privacy is our responsibility
STEM[PI] has built a product Stash Hunt™ that provides Software as a Service(SaaS) to the users worldwide. We are giving enterprise a new avatar that will be a companion for any employee. When we talk about SaaS then Security is a key component. We are committed to maintaining the highest standards of data protection to ensure your information remains safe and confidential. Security is a fundamental aspect of our offerings, embedded in our people, processes, and products. Here we will cover data security, how we offer to our customers.
Overview
- Data Security
- Network Security
- Enterprise Security
- Authentication and Authorization
- Operational Security
- Crisis Management
- Ethical Reporting
Data Security
Secure by Design
At STEM [PI], we embed security into every stage of our software development lifecycle. Our secure by design approach ensures that security considerations are integrated from the initial design phase through to deployment and maintenance. This proactive strategy minimizes vulnerabilities and ensures our products are resilient against threats, providing robust protection for our users' data.
How we protect your Information
The security of your Information is important to us. We maintain industry standard physical, technical and administrative safeguards designed to protect your Information from unauthorized access. We update and assess our security controls on a regular basis including through audits conducted by third party auditors. Electronic Information, about visitors to our company web app (Stash Hunt™) and Information submitted to our Platform, regarding their account and log-in information, any feed created, whatever the search happens, is stored on a non-internet environment database servers hosted on our cloud server in India.
Encryption
Encryption is a cornerstone of our data security strategy. We use state-of-the-art encryption technologies to protect data both at rest and in transit. By encrypting sensitive information, we ensure that even if data is intercepted, it remains unreadable and secure. Our encryption practices comply with industry standards and regulatory requirements, safeguarding the confidentiality and integrity of your data. We uses the latest technology in the market to double shield the data what we collect from you via Stash Hunt™. We have implemented Transparent Data Encryption (TDE) to encrypt data at rest. We encrypt data before write to disk, and decrypt it when display. Every customer/tenant will be configured with their own private key that helps to encrypt data before it write to disk and decrypt data once read it from disk. Only and only Customer can have access to their data not even STEM[PI]. Underlying technology behind encryption is Advanced Encryption Standard (AES) 256 which is a symmetric encryption algorithm that uses a 256-bit key to convert plain text or data into cipher. We make sure all connections to our servers use Transport Layer Security (TLS).
Data Isolation
We prioritize data isolation to ensure that each customer's data is segregated and protected. By using advanced multi-tenancy architecture, we prevent cross-contamination of data between different users. This ensures that your data remains confidential and inaccessible to unauthorized parties, providing an additional layer of security and privacy.
Data Retention
We retain customer data until a deal is finalized between STEM [PI] and the customer. During this period, we securely store the data to facilitate the negotiation and agreement process. Our data retention policies are designed to store data only for as long as necessary to fulfill its intended purpose, which includes finalizing business agreements and contracts.
Data Handover
In the event that a customer decides not to proceed further with STEM [PI] for any reason, we ensure a seamless transition by providing the customer with the entire data set created during our engagement. This data is provided in JSON format, enabling easy access and transfer to the customer's systems or preferred storage.
Data Disposal
Once a deal is finalized or if a customer decides not to proceed further, we employ secure disposal methods to remove the data from our systems. This includes cryptographic erasure to ensure that the data is permanently and securely deleted from our databases. Additionally, we may utilize physical destruction methods for any associated physical storage devices, ensuring that no trace of the data remains within our infrastructure.
Network Security
We are committed to maintaining the highest standards of security across our network, infrastructure, and servers. By continually enhancing our security measures and staying ahead of emerging threats, we ensure a secure environment for our operations and the trust of our users. At STEM [PI], network security is a top priority. Our security protocols are designed to detect, prevent, and respond to any suspicious activities, ensuring the integrity and confidentiality of our data.
Infrastructure Security
Infrastructure security is integral to our overall security strategy. We employ comprehensive measures to safeguard our IT infrastructure, including physical security controls, access restrictions, and environmental safeguards for our data centres. Our infrastructure security practices ensure that our systems are resilient against physical and cyber threats, providing a secure foundation for our services.
Network Redundancy
To ensure high availability and reliability, STEM [PI] implements robust network redundancy measures. We have multiple redundant network paths and failover mechanisms in place to prevent single points of failure. In the event of a network disruption, our redundancy protocols enable seamless continuation of services, minimizing downtime and maintaining uninterrupted access for our users.
DDoS prevention
We use the most advanced technologies to prevent DDoS attacks on our servers. These technologies offer multiple DDoS mitigation capabilities to prevent disruptions caused by traffic. This keeps our applications and APIs secure.
Enterprise Security
At STEM [PI], we prioritize comprehensive security measures to safeguard our enterprise environment. Our commitment to security is reflected through various key initiatives.
Security Awareness
We believe that security awareness is crucial for maintaining a secure enterprise. We conduct regular training sessions and workshops to ensure all employees are well-informed about the latest security practices and threats. By fostering a culture of security consciousness, we empower our team to recognize and mitigate potential risks proactively
Dedicated Security and Privacy Teams
Our dedicated security and privacy teams work tirelessly to protect our systems and data. These experts are responsible for developing and implementing robust security policies, monitoring potential threats, and responding to incidents swiftly. Their continuous efforts ensure that our security practices are aligned with the highest industry standards.
Internal Audit and Compliance
We conduct regular internal audits to evaluate the effectiveness of our security measures. Our compliance team ensures that we adhere to relevant regulations and industry standards, such as ISO – 27001 and SOC 2. By maintaining strict compliance, we demonstrate our commitment to safeguarding our users' data and maintaining their trust.
Endpoint Security
To protect our network and data, we implement comprehensive endpoint security measures. This includes the use of advanced antivirus software, intrusion detection systems, and regular security updates for all devices connected to our network. By securing endpoints, we reduce the risk of unauthorized access and data breaches, ensuring a secure environment for our operations.
Authentication and Authorization
Authentication and authorization are fundamental aspects of our approach to protecting your data and ensuring the security of your account. Here's how we handle these processes.
Single Sign-On (SSO)
With Single Sign-On (SSO) provided by STEM [PI], accessing multiple applications and services becomes hassle-free. Customers can log in once using their credentials and gain seamless access to various STEM [PI] platforms without the need for repeated logins.
Multi-Factor Authentication (MFA)
STEM [PI] offers Multi-Factor Authentication (MFA) to provide customers with an extra layer of protection. By requiring multiple forms of verification, such as passwords and one-time codes, MFA significantly reduces the risk of unauthorized access and enhances account security.
Compliance Assurance
By implementing MFA, STEM [PI] ensures compliance with industry regulations and standards that mandate enhanced security measures. Customers can trust that their data and accounts are protected in accordance with the highest security standards and best practices.
Sensitive Data
STEM[PI] is committed to protecting your sensitive data and maintaining its confidentiality. We do not disclose, sell, modify, delete, share, or distribute any data provided by you in any format. Additionally, we do not have the rights to view the data you provide, except for the purpose of providing support with your explicit consent. Your sensitive data is handled with the utmost care and discretion to ensure its security and privacy.
Operational Security
We provide the best user experience to our customer while not throwing unwanted cookies, adds, spam, etc...
User-Centric Experience
At STEM [PI], our foremost aim is to offer you a straightforward and efficient user experience when using our web app. To accomplish this, we have adopted a privacy-first approach. Unlike many other platforms, we do not utilize cookies for tracking purposes. This means that we do not collect any information about your browsing activities on our website or platform.
Privacy Prioritization
We prioritize your privacy above all else. By refraining from the use of cookies, we ensure that your online activities remain confidential and secure. Your data is not tracked, monitored, or stored for any marketing or advertising purposes. We are committed to upholding the highest standards of data protection and confidentiality, giving you peace of mind while using our services.
No Advertisement Policy
It’s important to note that we do not run any advertisements on our web app. This deliberate choice reflects our commitment to maintaining a clean and distraction-free environment for our users. By not displaying ads, we do not need to read or analyze your data to showcase targeted advertisements. Your browsing experience is free from intrusive ads, allowing you to focus on what matters most—utilizing our platform to meet your needs effectively.
Malware and Spam Protection
To safeguard against malware and spam threats, we implement comprehensive protection mechanisms, including antivirus software, email filtering, and threat intelligence feeds. These measures help prevent malicious software infections and mitigate the impact of spam emails, ensuring the security and reliability of our systems and communications.
Crisis Management
Our regular backups are securely transferred to a different data center located at a geographically distant location. This offsite backup storage ensures that our data remains safe and accessible even in the event of a localized disaster or crisis affecting one data center.
Backup
We maintain regular backups of critical data and system configurations to mitigate the risk of data loss due to hardware failures, human errors, or malicious activities. Our backup procedures are designed to ensure data integrity, accessibility, and recoverability, enabling us to restore operations swiftly in the event of an incident or disaster.
Redundant Systems and Failover Mechanisms
STEM [PI] employs redundant systems and failover mechanisms to maintain continuous service availability. In the event of a crisis, our systems automatically switch to backup resources or alternate data centers to ensure uninterrupted service delivery to our customers.
Disaster Recovery Plan Activation
Upon detection of a crisis or disaster, our predefined disaster recovery plan is activated. This plan outlines the steps and procedures for restoring services and recovering data in a timely manner. Our dedicated disaster recovery team mobilizes quickly to execute the recovery plan and mitigate the impact on our operations.
Data Restoration
Using the backups stored in the offsite data center, we initiate the process of data restoration. This involves transferring the backed-up data to the appropriate systems and verifying its integrity to ensure that all critical data is recovered accurately.
Ethical Reporting
At STEM [PI], we prioritize ethical reporting and transparency in all aspects of our operations. Here's how we ensure transparency and keep our customers informed.
Third-Party Audits
We conduct regular third-party audits to assess the effectiveness of our security measures and ensure compliance with industry standards and best practices. These audits provide independent validation of our security posture and help identify areas for improvement. By engaging reputable audit firms, we demonstrate our commitment to transparency and accountability in safeguarding customer data.
Regular Security Updates
We believe in proactive communication with our customers regarding security updates and enhancements. We regularly update our security measures to address emerging threats and vulnerabilities. These updates are communicated promptly to our customers through various channels, including email notifications, in-app messages, and our website’s security bulletin section. By keeping our customers informed, we empower them to stay vigilant and take necessary precautions to protect their data.
Minimized Customer Impact
At STEM [PI], we understand the importance of uninterrupted service availability to our customers' operations. Any scheduled maintenance or downtime is carefully planned and coordinated to minimize impact on our customers' work schedules. We strive to schedule maintenance windows during off-peak hours to ensure minimal disruption to our customers' workflows. Our commitment to zero-impact maintenance reflects our dedication to delivering a reliable and uninterrupted service experience for our customers.
By integrating these advanced techniques, we ensure that your data is secure, private, and accessible only to you. At STEM [PI], we are committed to maintaining the highest standards of data security to protect your information and uphold your trust.
Explore the possibilities with STEM[PI] today! Visit STEM[PI]
