Personnel Security

Set Tracker’s security practices apply to all members of staff, independent contractors, and anyone with direct access to our internal systems. Before gaining initial access to systems all employees must agree to confidentiality terms and pass a background screening.

Upon termination of employment at Set Tracker, all access is removed immediately.

Application Security

In order to secure Set Tracker’s applications, a secure development life cycle and release management process is used in the delivery mechanism for new products as well as updates to existing products. Advanced application security testing is performed to ensure released code is secure and adhering to defined development standards. 

Physical Security

Set Tracker infrastructure is hosted on Amazon Web Services (AWS). The AWS data centers are equipped with multiple levels of physical access barriers including:

• Alarms

• Outer perimeter fencing that is crash rated for vehicles

• Electronic access cards

• Video surveillance

• Internal trip lights

For more information on AWS security processes, see this whitepaper. 

No Set Tracker employee has physical access to any AWS data centers, servers, networking equipment, or storage

Product Security Features

Set Tracker’s foundational cornerstones for delivering customer services focus on strong security, availability and resiliency. Within the application’s themselves, strong authentication models are utilized and made available for clients to protect their data. ST views data protection as the highest priority leveraging modern day safeguards for both data at rest and in transit. ST employs advanced encryption technologies and strong key management which provide extensive protections for sensitive data using encryption tied to access control for in-flight and at-rest data protection.

Authorization/Authentication

Set Tracker adheres to the principle of least privilege – employees are given access only to the data that they must handle in order to fulfill their current job responsibilities. Employees are granted access to a small number of internal systems, but any requests for additional access must be approved by the system owner.

Where possible, Set Tracker employs multi-factor authentication for administrative access to systems containing any sensitive data.

Third Party Service Providers

Set Tracker uses third party providers for some aspects of our operations. Where those organizations may impact the security of our production environment or customer data, we take appropriate steps to ensure that Set Tracker’s security posture is maintained.

Privacy Policy

Learn more about privacy here.