How is security managed on Sutori?
Sutori takes the security of you and your students very seriously. Our team implemented security best-practices at every level.
When you visit Sutori, all communication between our servers and you is encrypted using the most modern standards. This includes:
Any content that you write on Sutori.
Any media (images, audio, video) that you download or upload.
This allows you and your students to stay safe:
Hide the data as it is being transmitted on the network.
Prevent all modification of data as it is being transmitted on the network.
Prevent MITM (Man-in-the-middle attacks).
We realize that even by being thorough, some security vulnerabilities can still manage to slip through the cracks. That's why we take input from the community to become aware of and fix security issues as soon as possible. As Linus Torvalds said, "given enough eyeballs, all bugs are shallow".
Before every deployment of Sutori, automated tools scan our application for security vulnerabilities in third-party libraries that we use. We can't deploy until the security vulnerability is fixed.
Within Sutori, every member realizes the importance of security. That's why we have the following best practices:
Two Factor Authentication on third-party services that Sutori team members use.
All the features are designed around security and reliability.
Every computer running Sutori development tools is secured and up-to-date.
Sutori refuses to sell any data and our policy is to respect your data privacy. Our business model is based on paid Sutori subscriptions, not on your data.
Sutori is hosted by Heroku, a trusted provider. You can find their security statement here.
Encryption everywhere
When you visit Sutori, all communication between our servers and you is encrypted using the most modern standards. This includes:
Any content that you write on Sutori.
Any media (images, audio, video) that you download or upload.
This allows you and your students to stay safe:
Hide the data as it is being transmitted on the network.
Prevent all modification of data as it is being transmitted on the network.
Prevent MITM (Man-in-the-middle attacks).
Continuous improvements
We realize that even by being thorough, some security vulnerabilities can still manage to slip through the cracks. That's why we take input from the community to become aware of and fix security issues as soon as possible. As Linus Torvalds said, "given enough eyeballs, all bugs are shallow".
Before every deployment of Sutori, automated tools scan our application for security vulnerabilities in third-party libraries that we use. We can't deploy until the security vulnerability is fixed.
Security practices in our team
Within Sutori, every member realizes the importance of security. That's why we have the following best practices:
Two Factor Authentication on third-party services that Sutori team members use.
All the features are designed around security and reliability.
Every computer running Sutori development tools is secured and up-to-date.
Sutori refuses to sell any data and our policy is to respect your data privacy. Our business model is based on paid Sutori subscriptions, not on your data.
Secured infrastructure
Sutori is hosted by Heroku, a trusted provider. You can find their security statement here.
Updated on: 05/01/2022