Stensul raises $34.5m in Series C funding
At Stensul maintaining the security and trust and privacy of our customers is our top priority. Stensul has implemented a robust security program that spans from secure system architecture through employee training on security and privacy best practices.
Stensul is audited annually by and complies with the AICPA standards for Controls at a Service Organization (SOC2 Type 2).
Stensul provides various tools and features that can be used to keep a Stensul account and resources safe from unauthorized use, including user/password authentication with a configurable password and account lockout policy, standard SSO methods: OAUTH2 / OIDC & SAML 2.0., and user activity logging for security monitoring. For more distributed use, SSO may be configured for JIT access, enabling secure and agile operations. You can view our SSO integrations here.
Customer and employee login information for the Stensul platform is encrypted using non-reversible encryption techniques, data is transmitted using only HTTPS endpoints with TLS (2048 bit keys). Data is encrypted both in transmission and at rest for working files and offsite backups.
The Stensul production environment is located at TIER-1 providers in the United States that offer robust physical and operational security. Stensul uses Google Cloud Platform (GCP) and Amazon Web Services (AWS) as production data centers.
Stensul uses a world-class infrastructure that is carefully monitored, dispersed around multiple availability zones, and has fault-tolerant web architectures with cloud resources.
Stensul product development adheres to software development life-cycle (SDLC) best practices with multiple steps to ensure the quality and the security of our platform.
Access to servers is protected by a bastion host secured using two-factor authentication (2FA) and accessible only via VPN.
Stensul is protected by a globally distributed network built to absorb distributed denial of service (DDoS) attacks.
Stensul runs an intrusion detection system (IDS) on the front line for servers that have exposure to the DMZ. File servers run an antivirus (AV) with daily updates.
All Stensul employees have mandatory security and privacy awareness training.