We take security seriously at UPSTACK, and understand the importance of ensuring that data is managed with confidentiality. The following describes our commitment to security on the UPSTACK platform. For any questions or concerns please contact firstname.lastname@example.org.
Application SecurityVisibility and control of all project access
- Visible pricing information is localized to individual projects.
- Users requesting pricing information on the UPSTACK marketplace are shown their own projects only.
- UPSTACK administrative staff members have access to projects to serve support requests on behalf of users.
- Vendor users may store pricing information on the UPSTACK marketplace for use in generating quotes.
- Vendor users providing pricing information on the UPSTACK marketplace have access to their own pricing information only.
- UPSTACK administrative staff members have access to pricing information to assist vendors with data questions.
- UPSTACK runs on Amazon Web Services infrastructure and the Heroku platform.
- Systems are hosted in ISO 27001 and FISMA certified data centers managed by Amazon Web Services
- Physical access is strictly controlled both at the perimeter and at building ingress points
- Data centers employ onsite security staff, video surveillance, and intrusion detection systems
- Authorized staff must pass two-factor authentication a minimum of two times to access data center floors
- Data centers are housed in nondescript facilities
- Physical security verified by third-party auditors