Knowledgebase

    StarChapter Security Overview

    Of paramount importance to us at StarChapter is that our services are highly available, secure, and perform well. Through StarChapter, you store personal and organizational information and files, process eCommerce transactions, and collaborate with your fellow members and non-members. We are continually working on maintaining and improving our application, infrastructure, security, and processes to deliver the most reliable and secure software services available in our industry.

    Notification Procedures

    If the situation arises, we will use our best efforts to notify affected customers so that they are aware of the issue and can take appropriate protective steps. Notification procedures may include contacting customers' primary account contacts, placing announcements on the Admin section of the StarChapter application, and updating the service Status Page.

    Web Application Firewall (WAF)

    A Web Application Firewall (WAF) protects web services like StarChapter by filtering and monitoring traffic between a web application and the Internet. By placing a WAF in front of a web application, a shield is placed between the web application and the Internet which protects the service from exposure by having traffic pass through the WAF before reaching the service. StarChapter integrates Cloudflare, a well-known WAF, as part of a comprehensive security approach. Users will occasionally see a screen similar to the image below as the firewall monitors for malicious traffic.

    Endpoint Monitoring

    As an additional layer of security beyond the WAF, StarChapter employs endpoint monitoring on the platform.  This provides a second level of security protection at the “instance” level to ensure that maximum protection is achieved.

    Firewall Protection

    The entire StarChapter platform is protected by enterprise grade firewalls to ensure that only allowed traffic may reach any instance in the platform.  No public traffic may reach the platform without having passed through multiple points of security and cleansing.  Only authorized users may access any portion of the platform other than web users that use your website or administrative control areas.

    DDoS and Advanced Threat Protection

    As part of the suite of services provided by Cloudflare, Distributed Denial of Service (DDoS) and advanced threat protection are deployed.  These tools leverage highly advanced artificial intelligence to sense threats and respond automatically to ensure the protection of data and platform uptime.

    Data Encryption In Transit

    Access to the StarChapter services is via a standard HTTPS connection.   All non-secure traffic is automatically redirected to the secure protocol before any logic or functionality is executed.

    PCI Compliance

    StarChapter is PCI compliant and frequently reviewed to confirm our compliance.

    Collective Effort

    Keeping your data secure is a collective effort. Here are some steps you can take to ensure your data is secure:

    • Admin Users, Members, and Non-Members should not share login details.
    • Use the Welcome Email or Forgot Password functions to set and reset passwords rather than sending passwords in email.
    • Passwords should be adequately difficult.
    • Users and members should ensure that they have sufficient antivirus and malware protection and firewall security on their own systems.

    User & Member Access And Security

    There are different levels of access to the StarChapter services as listed below. Each type has a unique login ID and encrypted password.

    • Primary Account Contact: User with full access to the Admin side of the StarChapter service and access to the Customer Account Portal for managing the customer’s account information with StarChapter. This user is permitted to grant access to other Admins.
    • Admin User Access: Users who administer the StarChapter service and have full or restricted access to the StarChapter Admin side.
    • Member: Users with access to the front-end of their chapter’s site to access member only secure pages and files. They can self-manage their own member profiles.
    • Corporate Member Admin: Users with access to the front-end of their chapter’s site to access member only secure pages and files. They can self-manage their own member profiles and the profiles of members under their corporate membership.
    • Non-Member with Login: Users with access to self-manage their own profiles and expedited registration for meetings and events.
    • Guest or Site Visitor: Strictly public access, no login is permitted.

    Network And Server Security

    StarChapter provides a multi-functional membership software with the confidence that the service is highly available and secure. We use industry leading cloud based network redundancy monitoring and protection, including firewall and router technologies, network intrusion detection/prevention systems, and notification alerts that allow us to prevent and immediately detect malicious activity.

    Regular hotfixes and patches are applied to our servers and network equipment and expedited for the most critical security issues that affect our services. Whenever a vulnerability in software used by StarChapter or zero-day vulnerability is publicly reported, immediate action is taken to mitigate any potential risks for our customers.

    Regular internal network security reviews and third-party external audits are performed. 

    Access to our systems is protected via IP limitations and 256-bit encryption. Individual usernames and passwords are required for all machine and data access. Strong password guidelines are in place, including complexity (symbol and case sensitivity) and minimum length requirements.

    Physical Security To Datacenters

    StarChapter’s servers are located in enterprise data centers provided by Amazon Web Services (AWS). Access to these facilities is limited to authorized personnel.

    These facilities provide:

    • Built-in redundancy for power, water, cooling, and internet connectivity
    • Manned and technological security systems
    • Elaborate fire protection
    • Comprehensive policies and procedures to support compliance with the SSAE-16 standard
    • Regular reviews and audits to confirm the facility complies with the SSAE-16 standard

    Service Continuity And Disaster Recovery

    Customer data and files are replicated in real-time. The StarChapter infrastructure is built on a highly available, multiple availability zone structure.  This means that at all times, the StarChapter services are running in at least two separate data centers ensuring that at all times the platform is available, even if there is an outage in a given data center.  The platform is also self-healing so that if hardware or other issues arise, the platform will destroy the affected instance and replace it with a healthy instance. Service images are backed up frequently as is all data and file systems. Our backup and recovery process is tested on a periodic basis.