Security

StanfordTax is built to protect sensitive client tax information with stringent access controls, encryption, monitoring, and security practices designed for professional tax workflows.

Data Protection

StanfordTax encrypts customer data in transit and relies on encryption at rest provided by its cloud hosting, database, and storage providers.

Access to production systems and customer data is limited to authorized personnel with a business need. Critical company systems use multi-factor authentication or Google SSO backed by Google Workspace two-step verification where supported.

Production secrets are managed through 1Password and are shared only with authorized personnel or service accounts that need them.

Infrastructure

StanfordTax uses established cloud infrastructure providers for application hosting, edge routing, database services, object storage, and related production operations, including Cloudflare, Fly.io, and Neon.

Monitoring And Vulnerability Management

StanfordTax monitors production services and uses Aikido as its primary vulnerability-management provider to review application, dependency, repository, and internet-facing asset findings where configured. Findings are reviewed and remediated based on risk.

Security Contact

To report a suspected security issue, unauthorized account access, or other security concern, email support@stanfordtax.com.