Compliance and data privacy

·       No data kept at rest on Starfish ETL iPaaS servers

·       Data in motion is encrypted using HTTPS

Infrastructure protection

·       StarfishETL iPaaS servers hosted on AWS 

·       Servers are hosted on the Eastern US locations.

·       AWS data centers and a network architected to protect information, identities, applications, and devices. 

·       Access to the servers by the StarfishETL Cloud Operations team governed by documented procedures to keep system access secure.

Threat detection

·       AWS identifies threats by continuously monitoring the network activity and account behavior within your cloud environment.

·       Cloud Operations team monitors activity per documented procedures and will inform 

GDPR compliance

StarfishETL team provides easy-to-access information during the opt-in process so an individual may request any personal information that StarfishETL processes about them including:

·       The personal data held about them

·       The purposes of the processing

·       The categories of personal data concerned

·       The recipients to whom the personal data has/will be disclosed

·       How long StarfishETL intends to store the personal data

·       If StarfishETL did not collect the data directly from them, information about the source

·       The right to have incomplete or inaccurate data about them corrected or completed, and the process for requesting this

·       The right to request erasure of personal data (where applicable) or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from StarfishETL, and be informed about any automated decision-making that is used

·       The right to lodge a complaint or seek judicial remedy, and who to contact in such instances

Password encryption 

·       Uses AES 256-bit encryption

·       Endpoint credentials

·       Designer login credentials

·       Both Cloud and on-premises deployed environments encrypt login credentials.

·       On-premises Designer (Admin) does not require login credentials. Password encryption is therefore not required.

Password recovery

·       StarfishETL iPaaS supports password recovery. Password recovery is initiated through a link on the login page. Reset links are sent to the email associated with the user requesting the password reset.

·       On-premises Designer (Admin) does not require login credentials. Password encryption is therefore not required.

Encrypted SQL DB

·       StarfishETL leverages SQL for storage of project metadata, transaction history, foreign key cross-references, project configuration data and end point metadata.

·       StarfishETL iPaaS local storage is encrypted using SQL Server’s encryption tools.

·       On-premises systems can opt in to encrypt SQL DB by setting up SQL server to encrypt the local database.

Configurable single outbound connection to Starfish iPaaS services

·       Utilize the Starfish Ray as the configurable single outbound connection agent that will connect to the StarfishETL iPaaS services.

·       Securely exposes protected internal systems to allow integrations with Cloud systems

·       Light footprint agent is installed within the client’s network which enables bi-directional SSL encrypted communication

·       Once Agent is installed, connections and mappings are administered using the Cloud Designer

·       Single outbound connection to our secured servers

Data over the wire encrypted using HTTPS

·       StarfishETL connections over the internet use HTTPS to encrypt data over the wire.

Whitelist StarfishETL iPaaS

·       Whitelisting a server’s IP that needs access to a server inside a firewall is a common technique used by our customers to increase security.

·       Whitelisting the StarfishETL iPaaS server’s IP address associates the server as a secured location. 

·       Whitelisting often meets high security requirements for physical servers outside of company’s secure environment.