Security

Stillio is here to support our customers' daily business needs with our essential service. We take pride in providing a safe and secure environment that you can always count on. On this page, we share how we work to offer a reliable service with a major focus on security.

Types of Information

We transmit and store three types of information: accounts, webpages and screenshots. Account passwords of customers are one-way encrypted; their actual contents is only known to their owners. Created screenshots (i.e. PNG files) are publicly accessible, for easy integration in customer applications, but can only be retrieved by their hard to guess UUIDs and can never be traced to individual customers.

Transmitting and storage

Our core systems employ AWS for transmitting and storing information. For transmission we use AWS Lambda and Amazon EC2. For storage we use Amazon Relational Database Service, Amazon DynamoDB and Amazon S3. All information between these services is transmitted securely, either via HTTPS or via our AWS Virtual Private Cloud. Access to all of these systems - e.g for deployment and maintenance - is restricted to a few of our staff members and controlled via SSH.

External services

We also make use of a number of external, non-AWS services, notably Dropbox and Google Drive. Our customers can use these services - if desired - for storing screenshots in their own accounts. Furthermore, we use Postmark for informing customers about created screenshots via email - again, if desired. Our communication with these services is secured via HTTPS and use their respective authentication mechanisms (e.g. OAuth).