Security

Your data is safeguarded.

Security is our highest priority.

  • GDPR & SCC for data transfers
  • ISO 27001/27701 & SOC 2 Type II certified
  • SSOSAML, AD
  • SCIM provisioning

Enterprise leaders trust their data with Stack Overflow for Teams:

Security is the foundation of our platform.

See how we keep your data secure, so your teams can stay productive and innovative.

Separate databases —
just for you.

Our product was designed to ensure your data is logically isolated into its own SQL schema and stored in separate databases accessible only by requests from your team.

Encryption keeps your data safe.

All customer data is encrypted when in transit over public networks and within our network between the private Teams network zone and the rest of our infrastructure.

Ensure your internal knowledge remains private and secure.

Built on ISO 27001 framework

Our robust information security program is built on the reputable ISO 27001 framework, achieving certification for our Enterprise plan. Access to our full Information Security Policy can be provided with a signed NDA.

Easy access control with Single Sign-On

Available on all paid tiers, SSO allows organizations to control access using an existing Identity Provider (IDP).

Automated user provisioning

SCIM 2.0 allows an Identity Provider to update the application with the user’s activation status (Active/Deactive) and/or permission (Admin/User).

SOC 2 Type II certification

Available for our Business and Enterprise plans, our SOC 2, Type II report attests that the controls we put in place match established and trusted requirements.

Frequently Asked Questions

General security measures for our knowledge management software.

General security measures

What are the benefits of Stack Overflow hosting Teams?

Stack Overflow hosts the Teams application, taking case of all upgrades.Enterprise and Business tiers have a 99.5% uptime SLA. This means less operational overhead for our customers.

Is client data encrypted?

Stack Overflow for Teams requires the use of HTTPS in order for our clients to communicate with the site. Data is encrypted in-transit and at-rest.

Who has access to login details?

Stack Overflow doesn’t store usernames or passwords that are owned and managed by your organization because we require you to configure a SAML 2.0 Identity Provider (IdP) in order for users to access the site. To successfully log in with an account from a configured SAML 2.0 IDP, we require a unique ID, an email, and a full name.

Which Security certifications do you have on an organizational level?

Our Business and Enterprise plans have SOC 2 Type II reports, and our Enterprise plan is ISO 27001 and ISO 27701 certified.

Azure cloud security measures

Where is customer data stored on the Business and Enterprise plans of Stack Overflow for Teams?

For Business and Enterprise Cloud option, we use Microsoft Azure Cloud, which means you'll have world class infrastructure and security of the platform as your backbone. Our Business and Enterprise plans include SOC 2 Type II reports along with other robust security measures.

How do you separate my Enterprise Team's data from other customers Teams’?

Each Enterprise instance of Stack Overflow for Teams is isolated in its own Virtual Network within our Azure Cloud Subscription. This means that the infrastructure for your Team is not shared among our customer base and we provision each customer’s infrastructure in such a way that traffic and data never cross customer boundaries. The Business plan is multi-tenant, and customer data is logically separated in the database.

Can issues on on other Cloud Hosted Business and Enterprise clients’ instances affect my data?

Isolated cloud infrastructure is provisioned for Enterprise customers. Business instances share infrastructure, particularly networking and databases. Databases are logically separated.

What encryption is used on Azure?

We use SQL Transparent Data Encryption (TDE), and all data is encrypted at rest using AES-256.

Who has admin access at Stack Overflow?

Access is restricted to Site Reliability Engineers for Stack Overflow for Teams Business and Enterprise plans who have been trained on the information security policies and guidelines in place. This includes guidelines for data loss and leakage prevention which aim to prevent customer data from ever leaving the provisioned Cloud environment.

Where can I learn more about Azure Cloud?

Since we run and manage the Enterprise and Business plans through a SOC 2 Type II attested and ISO27001 certified Azure Cloud, you can learn all about it in detailed specifications published by Azure Cloud on the security of its public cloud platform and infrastructure.