No extra steps are required to mask sensitive data. By default, the agent collects no sensitive data from your servers, and can be installed safely in many regulated environments as a result.
Error and log information sent to Stackify should be handled following the same best-practice rules of logging to a log file or other plain text destination to ensure the highest degree of security: mask or omit any sensitive fields that could have compliance implications, and disable log shipping from any sources that you don’t have confidence in and control over.
Stackify’s database servers contain information about the client’s servers and applications. Data stored includes the IP address, server name, basic hardware specs and a list of applications installed on the servers. As part of server monitoring, Stackify stores performance metric data. Basic server info and metric data is not encrypted in storage as it is not considered sensitive and encrypting this volume of data would introduce unnecessary performance challenges.
The one area where Stackify cannot encrypt potentially sensitive data at rest is for error and log information. As cited above, please mask or omit any kind of PII or compliance-oriented data that you wouldn’t want stored as plain text; if you are following best-practice logging guidance already, this will already be addressed.
In addition, Stackify also offers 2-Factor Authentication and Single Sign-On for enhanced security for your account.
When implementing in a healthcare environment, it is possible to implement Stackify without impacting HIPAA compliance obligations. By following the guidance in this document, Stackify will not receive any protected health information.
In a PCI compliant environment, it is possible to install Stackify behind a proxy server to satisfy the requirement to not allow any direct connections between the internet and the cardholder data environment.
For a more indepth discussion about how Stackify fits into a regulated environment, or to discuss other regulatory environments than those listed above, please contact Stackify Support ( [email protected] ).