Stannp | Direct Mail Marketing Platform
hero image

Platform & infrastructure security features.

icon

Access Control

Stannp implements comprehensive access controls across all systems using role-based access control (RBAC) with least privilege principles and mandatory multi-factor authentication. All users have unique accounts with no shared credentials, and all access is logged, monitored, and regularly audited. Customer data is completely segregated through multi-tenancy architecture, with customers maintaining granular control over their team's access through platform-based user accounts.

icon

Security Assessment and Testing

Stannp maintains a rigorous security testing program with continuous automated vulnerability scanning across all infrastructure and monthly assessments with automated alerting. Independent third-party penetration testing is conducted by specialist security firms with all findings tracked to resolution, covering OWASP Top 10 as a minimum standard. Critical vulnerabilities are resolved within 7 days, high severity within 14 days, and medium severity within 30 days.

icon

Data Encryption Standards

Stannp employs industry-leading encryption to protect all customer data. We use 256-bit AES encryption for data at rest and TLS 1.2/1.3 for data in transit, consistently achieving A+ ratings from Qualys SSL Labs. All cryptographic keys are securely managed through Azure Key Vault with strict access controls.

icon

Audit Logs and Activity Monitoring

We maintain comprehensive audit logs for all system access and data processing activities, providing complete visibility and accountability across our platform. Our Security Information and Event Management (SIEM) system monitors activities 24/7 with daily automated reviews and real-time alerts for security events. Logs are retained for 12 months and protected against unauthorized modification.

icon

Secure Development

Security is built into every application from the ground up through our security-by-design approach. All software is developed in-house following OWASP Top 10 guidelines, with complete environment segregation, mandatory peer code review, and comprehensive testing before any code reaches production. Regular penetration testing and vulnerability scans ensure ongoing security.

icon

Application Security

All applications are developed in-house with rigorous security controls throughout the development lifecycle. We maintain separate development, staging, and production environments, implement comprehensive testing with Cypress and CircleCI, and conduct monthly security testing using industry-leading tools. Customer data remains completely segregated through multi-tenancy architecture.

icon

API and Integration Security

Our API-first platform implements comprehensive security measures including token-based authentication, HTTPS/TLS encryption achieving A+ ratings, and intelligent rate limiting. All API activities are logged and continuously monitored through our SIEM system, with monthly vulnerability scans testing specifically for OWASP Top 10 threats.

icon

Security Architecture and Infrastructure

Stannp's security architecture is built on Microsoft Azure's Canadian data centers with enterprise-grade infrastructure protecting customer data through multiple layers of defense, comprehensive monitoring, and strict geographic controls. Our infrastructure uses separate virtual networks for complete environment segregation, 24/7 SIEM monitoring, and mandatory multi-factor authentication. All data remains within Canadian borders with 99%+ uptime SLA supported by redundant systems across multiple server regions.

icon

Network Security

Our enterprise-grade network security uses multi-layered defences including role-based access control, and continuous SIEM monitoring. All data in transit is protected with TLS 1.2/1.3 encryption achieving A+ ratings, while data at rest uses 256-bit AES encryption. Monthly vulnerability scans and annual penetration testing by external organizations validate our security controls.

icon

Virus and Malware Protection

Comprehensive anti-virus and anti-malware protection runs on all workstations, servers, and mobile devices, with daily automated scans and real-time monitoring. Our multi-layer defence strategy includes email filtering, web protection, and integration with Microsoft's global threat intelligence network. All malware incidents trigger immediate isolation and response protocols.

icon

Service Monitoring

We operate 24/7 infrastructure monitoring through our SIEM system with daily automated reviews of comprehensive audit logs covering all system activities. Continuous monitoring tracks performance metrics, system health, and security events with real-time alerts for anomalies. Our 99%+ uptime SLA is supported by redundant systems across multiple server regions.

icon

Backup and Recovery

Business critical data is automatically backed up every 15 minutes with daily full backups and weekly secondary backups. Backups are encrypted and retained for 30 days with 12 months total retention, ensuring comprehensive recovery options. Recovery procedures are tested annually and documented to ensure rapid restoration capabilities.

icon

Data Transfer Security

All data transfers use HTTPS/TLS encryption achieving A+ ratings from Qualys SSL Labs, with immediate encryption of uploaded data using 256-bit AES. Our API-first platform implements token-based authentication, rate limiting, and comprehensive logging, with all activities monitored through our SIEM system. Data is processed in segregated environments and stored exclusively within Canadian borders.