We Enable Best Practices for Secure Data

We understand that privacy and security are top of mind for public sector entities and large enterprises who are stewards of highly sensitive data. We enable best practices for secure data in our organization, with our people, and through our processes. Unstackr organization complies with industry-leading standards and controls for information security (ISO:27001/2 and NIST CSF). We align with SOC 2, Type 1, with SOC 2, Type 2 certification forthcoming.

Unstackr is used in environments with highly sensitive data and aligns with common Public Service standards for data auditability, storage, and high sensitivity access. Unstackr is proven in healthcare and insurance environments that require secure management of personally identifiable information (PI) and personal health information (PHI).

Unstackr Application Security across All Layers

Unstackr provides robust multi-layer application security. Our application supports end-to-end encryption of data in transfer and at rest. We support encryption between all layers of application from UI to database and API services.

Unstackr integrates with leading SSO/AIM implementations for seamless and secure authentication services. Unstackr CAPTCHA bot detection and validation of users as human helps prevent possible DDoS attacks. With our role-based access management, in-built capabilities for auditing, and user session logging, you can easily authorize users to access data they need to do their jobs and limit access to confidential information according to the rule of least privilege.

Own and Control Your Data in the Cloud

Choose secure infrastructure and a failure-proof, highly available environment with redundancy across multiple zones and regions for your deployment to maximize autonomy and control and meet data sovereignty requirements. Regardless if you choose a SaaS or a managed service deployment model, you always have full ownership over data in your instance.

Your Data Never Co-Mingles with Data from Other Organizations

Unstackr supports full data segregation by providing you with a unique Tenant ID so that your data never intercepts with that of other organizations. We also support multi-tenancy from the ground up to enable users from different departments within your organization to work collaboratively. This helps break out of information silos and create even more synergies and efficiencies, securely.

Store Your Data Securely with Unstackr

Apply permissions and security around data without impacting performance and delivery of information to systems consuming data. Unstackr keeps data on your forms and form templates secure.

1. Form metadata: Use data about the filled in form for security and audit purposes. Form metadata generally does not carry information from the form itself and is standard across all forms.

2. Desensitized form data: Use data as filled in by users and administrators (e.g. postal code, type and date of transaction) for analytics and trend analysis.

3. Encrypted Sensitive from data: Sensitive data as captured by users and administrators (e.g. first and last names, addresses) is always protected and encrypted in Unstackr.

4. Form template information: Unstackr stores data about the form template (e.g. question text, drop down options, possible scores, formulas and validation logic). Access and reuse this data for repeatable form development.

Unstackr Desktop Version and Mobile App are Secure by Design

Unstackr doesn’t cache data entered on the form after it has been submitted. This protects users from malicious attacks because no sensitive data remains on the user desktop.

Unstackr Native Mobile functionality allows users to work on form submission on their device offline. Unstackr Mobile uses AES256 encryption for the offline mode to make sure that data on the device is secured and inaccessible from outside.