Security
We understand how important it is to keep your information safe. Security has been a cornerstone of development since day one as Stylo’s founders spent their careers in cyber security. We take the commitment to upholding the safety of information through our extensive use of policies, controls, and industry experience to ensure your utmost confidence. At a glance:
PII Masking
Common types of sensitive information including banking card numbers, Social Security Numbers, Passport information, Drivers Licenses, and more are automatically removed and masked.
Data center and network security
Stylo services are hosted in GCP (Google Cloud Platform) data centers which meet the following standards for cloud security.
Application Security
Stylo's web applications are built to minimize attack surface and adhere to standards for security, authentication and cryptographically safe exchanges. Any exchange with third parties is done through TLS.
Authentication
Stylo's authentication system uses OAuth with JWTs making it simple to manage permissions. Additionally, Stylo utilizes verification of shared secrets and IP whitelisting.
Penetration Tests and Vulnerability Scanning
Alongside regular penetration testing, Stylo utilizes continuous monitoring solution SecurityScorecard. Stylo strives to maintain a grade of an “A” (The highest grade in SecurityScorecard) at all times. In addition, before deploying updates to production we scan our containers to identify any potential vulnerabilities as part of our pre-deployment process.
Compliance and privacy support
As a data processor, we ensure we are helping our customers maintain compliance posed by their own regulatory requirements. For GDPR requests we are able to produce records of stored information and respond to requests for data deletion. Custom data retention policies are available upon request for specific engagements.