Security Practices at Stackby


By Rachit

updated 15 days ago

We take security seriously at Stackby. Period.

We take continuous measures to maintain a healthy security posture and also run a bug bounty program through which security researchers can disclose security vulnerabilities.

Privacy & GDPR 

We comply with all applicable privacy laws and regulations. You can learn more about our privacy practices in our Privacy Policy and our commitment to the GDPR here

You will find the current list of Stackby's data sub-processors here

You can also export data from Stackby to Excel or CSV files, or by using our Stackby Developer API.

Network and System Security 

  • Encryption: When you visit the Stackby website, the transmission of information between your device and our servers is protected using 256-bit TLS encryption. At rest, Stackby also encrypts data using AES-256.
  • Data Centers: We use AWS for our hosting infrastructure. Our data centers are located in different geographies (USA, Singapore, UK) and are SOC 1, SOC 2 and ISO 27001 certified. Our data centers have tight security, strict access control, full redundancy and other measures in place.
  • Security Updates: We regularly install security updates and patches to keep our servers up to date. Our servers are protected using firewalls.
  • Backups: We take data backups every day, and they are replicated across multiple availability zones for durability. We also maintain product continuity and disaster recovery plans. We have the ability to restore data from the last 35 days.


Product Security 

  • User Permissions: On Stackby, you can invite team members to Workspaces, Stacks and Views and give them different permission types (Owner, Creator, Editor, Read-only etc.). Users can only access what they are permitted to, and their actions are limited by those permissions.
  • Row level activity history: You can also see the activity history on each row. How far back it goes depends on your pricing tier, from 2 weeks to 3 years.
  • 2FA: We recommend enabling two-factor authentication (2FA) on your accounts if you're using password-based authentication.
  • SSO: We also support SAML-based Single Sign-On and additional enterprise features on our Enterprise plan.


Organizational Security

Stackby vets employees and performs background checks before they join the organization, in accordance with local laws.

We also maintain separate development and production environments, and follow a rigorous release process to push improvements and new features. 

Our systems are also protected with strong passwords, automatic locking and full-disk encryption.

We also manage a bug bounty program to work with security researchers in identifying and fixing potential security vulnerabilities.

Report an issue with us: 

You can reach out to us at security@stackby.com or send us a request via our bug bounty program.

