Security is very important to Stagecast and everyone here is doing their best to keep your data secure. This document describes our internal security policies and how those translate into creating a secure platform that you can trust.
You can read our Data Processing Agreement in full as a recap.
We are committed to follow and implement all the guidelines and recommendations from GDPR with regards to all the data and information we handle, process, and store at Stagecast.
All of Stagecast infrastructure runs in Amazon AWS, hosted in European regions. You can find more information about AWS security practices on their cloud security page.
Data Encryption at Rest
We use different Amazon AWS services, such as DocumentDB and S3, and we configured them to use AES-256 encryption for all data at rest.
Data Transport Security
All communications with Stagecast servers is done over TLS. We do this so no one can eavesdrop on communications between your machine and our application. An attempt to connect with HTTP will be redirected to HTTPS.
At Stagecast we closely inspect any code before it is released. Our developers inspect the logic and information flows of each new feature to ensure no security vulnerabilities are introduced. But because humans aren't perfect we also write tests to ensure the application does not behave in an unexpected way.We also run semi automatic scanning tools, like static code analysis tools, in order to find any security and other technical problems.
To not reinvent the wheel, we use third-party libraries to make our application better every day. Of course, it is never as simple as using a component and then forgetting about it, so at Stagecast we review and monitor our third-party components for known vulnerabilities using automatic systems like Dependabot.
Inside our Amazon AWS infrastructure we segment our network into different areas, decoupling our production environments from our testing and development environments.
As listed in our website, we have integrations with other services so the experience at Stagecast gets enriched. You can verify in that page their respective licenses.
Stagecast's infrastructure is built on top of Amazon AWS and we use their services to generate daily backups for our database that are then retained for up to 30 days.
Security Vulnerability Disclosure
We always appreciate when Stagecast users and security researchers contact us regarding security vulnerabilities. You can reach us at firstname.lastname@example.org.