Security
How we protect your data
Our commitment
Security is fundamental to StratTier. Your project data, strategic analyses, and team information are protected with industry-leading security practices.
Infrastructure Security
Encryption
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.
Secure Hosting
We use enterprise-grade cloud infrastructure with SOC 2 Type II compliance.
Network Security
Firewalls, intrusion detection, and DDoS protection safeguard our infrastructure.
Backups
Automated daily backups with point-in-time recovery capabilities.
Application Security
- Secure Authentication
We support OAuth with Google and other providers. Passwords are hashed using industry-standard algorithms.
- Role-Based Access Control
Fine-grained permissions ensure users only access what they need.
- Session Management
Secure session handling with automatic expiration and the ability to revoke sessions.
- Input Validation
All user inputs are validated and sanitized to prevent injection attacks.
Operational Security
- Access Control
Principle of least privilege for all team members. Access to production systems is strictly controlled.
- Monitoring
24/7 monitoring of our systems with alerts for suspicious activity.
- Incident Response
Documented incident response procedures to handle security events quickly.
Enterprise Security
Enterprise customers receive additional security features:
- SSO/SAML integration
- Audit logs for all user actions
- Custom data retention policies
- Dedicated security reviews
- SLA with uptime guarantees
Responsible Disclosure
We appreciate security researchers who help keep StratTier safe. If you discover a vulnerability, please report it responsibly to:
Email: security@strattier.com
Questions?
For security-related questions, contact us at security@strattier.com