Respect for customer privacy and confidentiality underpins the Stax product. We do everything we can to protect your data within Stax.
Stax is built on Amazon Web Services (AWS) and adopts and employs AWS services and frameworks, including the AWS Well-Architected Framework, to ensure its security controls align with enterprise-grade standards.
Data Protection: Encryption
All customer data managed by Stax is encrypted at rest and in transit. AWS native encryption services are used, which utilize AES-256 encryption.
The customer data being managed by Stax includes:
- Data collected and stored by the Stax User service in your security account
- Log files collected and stored within S3 in your logging account
- Data collected upon signup and stored within the Stax platform
Data Protection: Hosting and Storage
Stax is hosted on Amazon Web Services (AWS). The security controls utilized by AWS to protect information stored within their Data Centers can be found here.
Employee Access to Customer Data
No Stax employees will access customer data unless required for support reasons.
Endpoint Security: Access Controls
Stax employs a number of controls to protect access to Stax systems.
- Authentication: Multi-factor authentication is required for all Stax access.
- Provisioning: Role-based permissions are utilized within Stax systems and user provisioning is based upon the principle of least privilege.
- Logging and Monitoring: System access is logged and all employee activity within Stax systems is recorded.