Secure your Data with Industry’s highest standards of security

We employ rigorous measures across our people, processes, and technology
to safeguard your data, applications, and infrastructure.

Physical & Network Security

Data Centres

Stello applications are hosted in data centers with fully redundant subsystems and compartmentalized security zones. We use AWS EC2 and Amazon RDS (Relational Database).

Application Security

Our application development, testing, and deployment process is rooted in a firm commitment to product security. Our Product and Technology teams follow a framework called Secure Software Development Life Cycle (SSDLC).

Network Security

Stello utilizes Cloudflare Network Services to identify and block attacks that target web application vulnerabilities. This provides a robust network security framework that secures the Stello environment against evolving threats.

Multitenancy

Multitenancy is a software architecture model that allows a single application to serve multiple customers, or tenants. Stello's multitenant architecture follows the "data isolation" principle: each tenant's data is kept separate and invisible to other tenants, and each tenant has its own data access, permissions, and privileges.

Technology built to be Secure

Data Encryption

We leverage state-of-the-art encryption technologies to secure customer data, regardless of whether it’s at rest or in transit.

  • Stello utilizes the Advanced Encryption Standard (AES) algorithm with a key size of 256 bits for encryption while data is at rest.
  • We employ 4096-bit SSL encryption to safeguard user access over the internet. This secures network traffic between a user’s device and a server, preventing tampering, forgery, and unauthorized interception.

Logical Security

Authentication & Single Sign-On: Stello seamlessly integrates with internal customer web portals via Auth0 and SAML, creating an effortless single sign-on experience. For customers using Microsoft Azure AD, Stello provides an Azure Active Directory connector.

Robust Policies and Programs

  1. Security Incident Response
  2. Risk Management
  3. Contingency Planning
     • Data Backup
     • Disaster Recovery
     • Business Continuity

Penetration Testing & Auditability

Pen Testing

We engage third parties to perform network vulnerability assessments and penetration testing on a regular basis. The specific testing methodologies used are:

  1. SAST (Source Code Review)
  2. DAST (Web AppSec)
  3. CSA (Cloud Security Assessment for AWS Components)

Auditability

We regularly test key controls and systems to validate that they are properly implemented and effective in addressing the threats and risks identified. Where applicable, such testing includes:

  • Internal Audits: Conduct regular internal audits to assess compliance with this policy and identify areas for improvement.
  • External Audits: Engage with external auditors annually to validate compliance with data protection standards and Service Organization Control 2 (SOC2) regulations.
  • Audit Logs: Maintain comprehensive logs of data access, changes, and transfers, which are regularly reviewed for unauthorized or anomalous activity.

Stello’s Privacy Program

Handling of Personally Identifiable Information (PII)

  • Encryption and Anonymization: PII is protected through encryption. Anonymization techniques are applied when feasible to enhance privacy.
  • Restricted Data Sharing: We explicitly request clients to refrain from sharing sensitive data types like PCI and PHI unless absolutely necessary and predefined in specific agreements.
  • PII Access Controls: Strict controls are in place to limit PII access to authorized personnel, ensuring data security.

Data Collection & Use

  • Purpose Limitation: We collect data exclusively for delivering our services.
  • Informed Consent: Clients are informed about data collection purposes and the use of their data, ensuring transparency and obtaining informed consent.

Data Storage and Protection

  • Data Encryption: All sensitive data, including PII, is encrypted using state-of-the-art methods, both at rest and in transit.
  • Access Control: Access to sensitive information is strictly limited to authorized personnel, employing the principle of least privilege.