Security & privacy

The security, safety, and privacy of your Strats, Nades and all other data are our top priority, and we built Metastack with that in mind.

Security

Metastack takes a security-by-design approach to protecting your data. Our team is committed to ongoing improvements so you can use Metastack with confidence. We've provided a deep dive into our security practices.

Product security

All data inside both personal and team workspaces is accessible only to the members of that workspace. Users who are not members of a workspace won't be able to open any pages inside that workspace. Those users will instead be shown the Page not found screen. Additionally, all the URLs inside a workspace are known only to its members.

The team profile page and team settings pages are accessible only to that team's members. The team owner and admins can change the permissions and content access level of team members by changing their rank. If a member leaves the team, all data created by that member stays with the team.

Operational security

Our team continuously implements new security controls and monitors Metastack for malicious activity across our infrastructure, networks, and assets.

Security infrastructure

Metastack's infrastructure is designed with layers of protection to help ensure your data is secure while transmitted, stored, or processed. Protections include but are not limited to encryption, least privilege access and secure software development.

Metastack runs on AWS's enterprise-grade cloud and is shielded by Cloudflare's global security network.

Both providers are independently audited and certified for the highest international standards:

  • ISO/IEC 27001 – Information Security Management
  • ISO/IEC 27017 – Cloud Security Best Practices
  • ISO/IEC 27018 – Privacy for Personal Data in the Cloud
  • SOC 2 Type II – Trusted Security Controls
  • GDPR – Data Protection Compliance

Your data benefits from the same infrastructure security trusted by Netflix, Riot Games, the U.S. government and other government agencies worldwide.

Certified infrastructure

Our infrastructure meets globally recognized standards.

We encrypt all data in transit and at rest, back it up daily, and guard it 24/7 with enterprise-grade security. Metastack is pursuing its own ISO certification as well to bring you the highest level of security assurance. Metastack leverages AWS and Cloudflare platforms to host and secure your data, so your data stays truly yours.

Infrastructure security practices

Anti-DDoS: Metastack leverages third-party applications, such as Cloudflare, for DDoS protection.

Data center security: Metastack is hosted on AWS, which handles the physical security of its data centers. For more information please refer to AWS’s cloud security documentation.

Access controls: AWS infrastructure is housed in Amazon-controlled data centers throughout the world, and the data centers themselves are secured with a variety of physical controls to prevent unauthorized access. More information on AWS data centers and their security controls can be found on the official AWS data centers page.

Infrastructure security: Metastack’s infrastructure is hosted in a fully redundant, secured environment. Metastack’s user data is hosted by AWS. AWS maintains a list of reports, certifications, and third-party assessments to ensure best security practices. Please see AWS compliance documentation for more information.

Separate production environment: User data is never stored in non-production environments. User accounts are logically separated in our production environment. We have separate development and production environments.

Security practices

Data security

Access monitoring: Metastack has enabled logging on all critical systems. Logs include failed/successful logins, application access, administrator changes, and system changes. Automated alerts are enabled for any critical events.

Backups enabled: Metastack is hosted by AWS and stores user data using a combination of databases. By default, AWS provides durable infrastructure to store important data and is designed for durability of 99.9% of objects. Automated backups of all user and system data are enabled, and data is backed up daily at minimum. The backups are encrypted in the same way as live production data, and are monitored and alerted on.

Data erasure: Metastack users are controllers of their data. Each user is responsible for the information they create, use, store, process and destroy. Metastack users have the ability to delete their own data or to request data deletion or account deletion.

Encryption at rest: User data is encrypted at rest using AES-256 encryption. User data is encrypted when at rest in cloud storage, database tables, and backups.

Encryption in transit: Data in transit is encrypted using TLS 1.2 or greater.

Physical security: Metastack leverages Amazon Web Services (AWS) to host our application, and defers all data center physical security controls to them. Please refer to AWS’s physical security controls here.

Application security

Code analysis: The Metastack team conducts threat modeling and secure design reviews for new releases and updates. After code completion for significant feature launches, we perform code audits, code reviews, and conduct security scans of our codebase.

Web Application Firewall (WAF): All public endpoints leverage a managed Web Application Firewall to deter attempts to exploit common vulnerabilities.

Access control

Data access: Metastack internally applies the principle of least privilege for access. Access is granted based on job function, business requirements, and a need-to-know basis. Access reviews are conducted on a set frequency to ensure continued access to critical systems is still required.

Logging: Metastack leverages automated logging/alerting capabilities. Logs are ingested from critical systems and alerting rules are utilized to ensure security event alerts are generated where/when necessary.

Password security: Metastack requires MFA to be enabled for any and all systems that provide the option for MFA. Metastack maintains a strict internal password management policy including complexity and length, with a mandatory use of a password manager.

Resilience and recovery

  • Recovery Time Objective (RTO): Estimated at 2 hours
  • Recovery Point Objective (RPO): Estimated at 24 hours

Privacy

At Metastack, our team is dedicated to developing and implementing data privacy processes and safeguards that meet industry standards and best practices. Every Metastack employee and contractor signs up to non-disclosure terms to maintain the confidentiality and security of your data.

Policies

We want to be as transparent as possible with our users about how we collect, process, store, and use their personal data. In order to achieve this, Metastack maintains comprehensive and detailed policies regarding how we handle your personal information. These policies describe in detail how our users can exercise their rights with regard to their data.

Learn more about custom features

Interested in advanced security and control? Let us know your needs and we can help!

For any requests and questions:
Don’t hesitate to reach out to our team at contact@metastack.gg