resource center   >  topics  >  Admin Set Up

Stracl Security and Technical Overview

Stracl Security Summary

  • Cloud Based software solution hosted by Amazon Cloud Computing
  • All server administration access through VPN
  • Data in transit protected with 256-bit SSL and 2048-bit CSR encryption 
  • Data at rest encrypted using AES 128-bit encryption to meet PII requirements
  • Data base is backed up daily, backup files encrypted and stored on AWS Simple Cloud Storage (S3)
  • Fail over server hosted by Amazon Cloud Computing for faster recovery times and minimal service disruption
  • SingleSign-On (SSO) Authentication Using SAML 2.0. - Okta, IBM Cloud, and MSAzure 
  • Data PrivacyFrameworks
  • EU-U.S.Swiss-U.S. Privacy Shield
  • Data CoveredNon-HR

Note

  • Organization Data Collected: The information collected about an individual includes basic information such as name, email address, manager, location.  
  • Email address, employee first and last name, and manager name are encrypted.
  • The data collected is for business processes and design strategies for change management.

Frontend Technical Information

Technical
Employee_ID string
Recommended Browsers Google Chrome, Microsoft Edge, Firefox
Supported Browsers Internet Explorer 11
JavaScript Libraries jQuery, jQuery UI, Bootstrap, Datatables, Moment, Select2, D3, C3
JavaScript Frameworks Vue
Languages HTML 5, CSS 3, JavaScript, CoffeeScript, SASS
Device Support Desktop - Yes Tablet – No [Except by Browser] Mobile – No [Except by Browser]
Layout Fluid (Full Width)
Contact
Technical Contact  Rebecca Tan  408-416-1548  rtan@stracl.com

Server Technical Information

Dedicated Server
Hosted by Amazon Web Services (SSAE 16 Type II-certified). Stracl has a virtual server hosted by Amazon Web Services. The server is located in US West (Northern California).
Processor Intel(R) Xeon(R) Platinum 8175M CPU @ 2.50GHz, 2500 Mhz, 2 Core(s), 4 Logical Processor(s)
Disk Space 130GB RAID storage
Memory 16GB RAM
Web Server IIS 10 .NET Framework 4.6.2
SSL Enabled (RSA 2048 Bits)
Database
Database Microsoft SQL Server 2019 Web Edition (64-bit) SQL Server jobs that run daily to backup the database, encrypt backup files and SFTP to AWS S3
ASP.NET Application
Authentication Form-based authentication that requires username and passwordSAML authentication for Single Signed-On
Password MD-5 encrypted Users are prompted to change password every 90 Days Personally Identifiable Information (PII) data is encrypted on load into database to ensure confidentiality of data while at rest (Optional configuration setting)
Website Security
Web Server Ports 80 (http) and 443 (https) open for Internet. All port 80 traffic are redirected to port 443 immediately Port 443 is SSL Enabled (RSA 2048 Bits)
Firewall rules Server is behind Amazon Virtual Private Cloud and administration access locked down to specific ports requiring VPN access 2 VPN accounts for Risk Manager Roger Watson and developer Rebecca Tan ( Two Factor Authorization) Sever ports are open for Remote Desktop Connection through VPN only
Backup Daily jobs that backup database, encrypt the backup files, and SFTP to AWS S3
Disaster Recovery Snapshot is created regularly, and a failed-over server can be setup immediately at AWS for faster recovery times and minimal service disruption
IIS Log Stracl technical staff reviews IIS log files daily
Website Traffic Stracl utilizes Microsoft Azure Monitor and Google Analytics to track and report website traffic and activities.
Network Traffic Network traffic and application activities are logged to Microsoft Azure Monitor Logs and reviewed by Stracl staff daily.
Technical Contact  Rebecca Tan  408-416-1548  rtan@stracl.com

Search

Related Articles

Implementing Microsoft Power BI with Stracl

Implementing Stracl Webapp SSO (Single Sign-On) Using SAML for Authentication

Implementing Stracl REST API to Load and Update Org Data

Implementing Stracl SaaS SSO (Single Sign-On) Using SAML for Authentication

Implementing Stracl Tableau Web Data Connector

Join The Organizational Change Management Software Revolution Today

Schedule Demo