Overview

Stracl Trust & Security is a comprehensive cloud‑based framework embedded within the Stracl organizational change management platform. It ensures enterprise‑grade security, data privacy, and system integrity across all modules by integrating industry standards, backups, access control, and encryption. Stracl is ISO 27001 patterned and audited by CyberGRX and SecurityScorecard to foster user trust and compliance while enabling seamless use of Stracl functionality for change management professionals.

Features and Capabilities

• **Encryption & Data Resilience: **Data in transit is protected via 256‑bit SSL and 2048‑bit CSR encryption; data at rest is encrypted using AES‑128. Daily backups occur three times per day, stored for 30 days, with fail‑over servers to minimize disruption.
• **Certifications & Third‑Party Validation: **The platform is ISO 27001 compliant, with its security posture validated annually by CyberGRX and scored independently by SecurityScorecard.
• **Administrative Controls & Access Management: **Administrators can configure user access per module, manage REST API imports, and implement SSO using SAML‑based identity providers such as Okta, IBM Cloud, and Microsoft Azure.
• **SSO & Identity Hygiene: **Single Sign‑On using SAML 2.0 eliminates separate passwords, integrates with corporate directories, and ensures inactive users are automatically denied access.
• **User Privacy & Compliance: **Stracl complies with the EU‑US and Swiss‑US Data Privacy Shield and meets GDPR requirements for transatlantic data protection.
• **Infrastructure & Hosting: **The system is hosted on Amazon Web Services (AWS), which is SSAE 16 Type II certified. Server administration is conducted via VPN and includes redundant fail‑over mechanisms.
• **Billing & Data Retention Policies: **Payments are processed securely via Stripe, with encrypted credit card storage. Customer data is downloadable for 30 days post‑termination and permanently deleted thereafter per internal policy.