When it comes to securing information about your organization and your customers, there is no room for compromise. Prevent data leakage and misuse with our SOC Type 2 security guarantees.
Private Status Pages
Some status pages, such as those for public services, are for general consumption and can be accessed by anyone. However, others are not, and some of the largest SaaS companies in the world use StatusCast’s private status pages to communicate service availability and update incident information with only those that need to know. Set your page to private and control who has status page access.
Control information with role-based access to all your StatusCast assets. You can restrict access to incident and service information based on user roles. Send custom invites to customers, end-users, colleagues, and other stakeholders to better support your need for privacy. You can even limit incident reporting by IP address.
Use our Subscription based filtering to provide limited access to status page content based on the specific services that each subscriber is assigned. Subscriber filtering provides another mechanism for restricting access to content and providing each end user with a different view into the status of your organization.
Tailor notifications so your subscribers only get alerts relating to the applications and services that may impact them. Use Audience Groups with your private status pages to assign components, incidents, and services to named subscriber groups. Unlimited capability to segment and assign individuals to different groups.
Enterprise support with multiple single sign-on (SSO) options available. Auto-provision administrators, employees, and subscribers. StatusCast is compatible with most SSO providers, including Okta, Google SSO, Duo, and OneLogin.
Control status page access to your status page based on IP address. Large organizations may want to have additional security and control access to their data based on only allowing access to known good and permitted addresses through the IP network layer.
SOC 2 Certified
StatusCast is one of the only SOC 2 certified incident management and status page vendors. Choosing StatusCast means you don’t have to worry about getting a new vendor through your organization’s security requirements. We’re only too happy to share our SOC 2-Type II audit and DPA.
StatusCast is a truly global platform and we serve the data protection regulations of the GDPR by provisioning the data and the application servers which manage your account within our EU data centers, ensuring that your data is protected and compliant.
StatusCast is inherently secure, and our platform utilizes industry-standard features and practice to deliver enterprise-grade status page security for all customers.
SSO & 2FA
Single Sign-on (SSO) based on Security Assertion Markup Language (SAML) lets your users authenticate across all your systems, avoiding the frustration and risk of requiring them to log on to every resource. Use in conjunction with two-factor authentication (2FA) for even greater security.
We enable permission levels within the app to be set for your teammates. Permission levels are configurable across your team to allow control of app settings, billing, user data and for sending or editing messages.
See how the availability of our platform measures up… Take a look at our uptime performance for the last three months at https://status.statuscast.com Customer Best Practices
Online guides and support
There’s online guides to using StatusCast, including support for managing your status pages privacy options at: https://support.statuscast.com/docs
Secure Network and Application
The architecture of StatusCast means it is designed to be highly resilient and fault tolerant, proofing the platform against the common vulnerabilities that impact the performance and availability of IT infrastructure.
Multi-Region Hosting and Storage
StatusCast services and data are entrusted to Microsoft Azure world-class hosting facilities provided from multiple data centers across the United States and Europe
Failover and DR
Hosted on Microsoft Azure, our failover is made super resilient through the use of failover to two different Azure regions. Our global firewall and load balancing solution is integrated with Azure’s CDN, maximizing uptime and minimizing latency.
Back Ups and Monitoring
All actions taken within the StatusCast platform are logged. On an application level, we produce audit logs for all activity, which are stored for 90 days.
Permissions and Authentication
The StatusCast platform is presented entirely through secure HTTP (https://…) and SAML SSO, 2FA and strong password policies make sure cloud services are fully protected. Permission to access customer data is limited to those employees that are authorized for the purposes of doing their job.
Zero trust is implemented, meaning that no one is assumed trustworthy – verification is required from everyone trying to gain access to resources on the network. Alongside this, authenticating to StatusCast does not provide access to any other resources on your network.
Whether it is in transit being sent to or from StatusCast, when in motion or at rest, all StatusCast data is encrypted using 256-bit encryption. The strong cipher suites we use utilize elements such as HSTS and Perfect Forward Secrecy.
Pentesting & Vulnerability Scanning
The StatusCast team is highly proactive in addressing any known security issues. Pentesting across the StatusCast platform and infrastructure is regularly outsourced to external security consultants. Through our use of appropriate third-party tools to identify vulnerabilities by continuous scanning.
Making sure our team is fully conversant and continuously updated with security issues is a pivotal element of making sure StatusCast is secured against threats to privacy and data misuse.
Background checks are conducted on all new employees, including verifying employment history and checking for criminal records.
All employee contracts include a confidentiality agreement to legally oblige them not to make unauthorized disclosures related to their work or anything they learn or have access to in performing their duties.
Security and Awareness training is undertaken by all StatusCast employees.
StatusCast security policies are maintained and continually updated to cover the wide range of employee behaviors and practices that influence security.