Account Basics and Security
Whether you're in the middle of researching a software solution or beginning onboarding, the process can be dizzying. Wrangling the information you need to make decisions or provision an account can be a time-consuming task, especially if your company must comply with certain standards or regulations, such as PCI or HIPAA.
But here at Stitch, we strive to make our product, from initial product research to implementation, as straightforward as possible. In this guide, we've put together everything you need to know about using Stitch to meet enterprise-level needs.
In this section, we'll cover:
What is Stitch?
Stitch is a flexible, effortless, powerful ETL service. Stitch connects to all your data sources – from databases like MongoDB and MySQL to SaaS tools like Salesforce and Zendesk – and replicates that data to destination (or destinations) of your choosing.
Our secure, managed data pipeline takes the headaches out of ETL by providing API maintenance, automated monitoring and alerts, and flexible replication configuration. With Stitch, you can provision data to analysts and other team members in minutes, not weeks.
Scalable and reliable ETL
We designed Stitch to securely and reliably replicate data at any volume, allowing you to grow without worrying about an ETL failure. Stitch’s infrastructure is ideal for efficiently handling critical workloads and, with multiple redundant safeguards, protects against data loss in the event of an outage.
At several stages in the pipeline, Stitch will encrypt and store replicated data to disk to ensure durability in the event of an outage. You can specify a custom data retention policy as part of your Enterprise plan.
We're transparent about our uptime track record, but we also offer the option of adding a product availability service-level agreement (SLA) to Enterprise plans.
Some decisions need to be made in real time, so providing fresh data is a key requirement of our data pipeline. Stitch runs on the schedule you define, ensuring you have access to the right data right when you need it.
Case Study: Spotluck
Using Stitch, Spotluck was able to get up and running with their first reports in less than a day. Because Stitch seamlessly aggregates data into their data warehouse, everyone at Spotluck now has access to up-to-date data without engineering assistance.
Before Stitch, there was a 24 hour delay before Spotluck’s in-house Python ETL process made data available, making it far less actionable. Now, Spotluck and their partners can see and act on their data in a moment’s notice.
Check out the rest of the Spotluck story →
Additionally, Enterprise plans have the option to add a data latency SLA to their contract.
To build or to buy?
When Stitch client Postman recognized their need for a data pipeline, they were faced with the same conundrum many other companies face: build or buy?
Postman’s engineering team quickly realized they would need to invest a lot of time and energy to build and maintain an internal data pipeline, which would take time away from their improving their own product.
That was when they decided to go with Stitch.
What’s in Enterprise?
Enterprise plans can include a number of exclusive features and options, such as custom data retention periods, custom integrations, account management, phone and priority support, SLAs, and HIPAA compliance.
In addition to having priority access to our expereienced and responsive support team, we'll assign a dedicated account manager to your team. We want to ensure you get the most out of Stitch and your entire data stack by fostering a long-term partnership.
Custom service-level agreements
You also have the option to add custom servce-level agreements (SLA) to an Enterprise contract. Whether you want to ensure support response times, data latency, or product availability, we can customize an SLA to fit the requirements and standards of your organization.
Security, privacy, and compliance
Stitch employs state-of-the-art security measures to ensure your private data stays private at all stages of the replication process. Once Stitch has loaded the data into your data warehouse, you have complete control over who accesses it.
Stitch has been certified compliant with the SOC 2 security, availability, and confidentiality principles by an independent auditor. Documentation is available upon request by contacting us.
If your data includes PHI subject to Health Insurance Portability and Accountability Act (HIPAA) regulations, Stitch has you covered. We offer encryption of data in transit and at rest, multifactor authentication, and access logging and monitoring.
We've worked with attorneys, security consultants, and health care policy experts to ensure HIPAA compliance as a business associate. Customers using Stitch with PHI and other HIPAA-regulated data must sign a Business Associate Agreement (BAA). For more information, see our white paper.
EU Data Privacy and GDPR
Stitch is in full compliance with the European Union's Global Data Protection Regulation (GDPR).
Customizable data retention
By default, Stitch will retain replicated data for a short period of time. As part of an Enterprise plan, you can define a custom retention period for your data.
Extended activity log access
Stitch enterprise customers have access to extended metadata log retention about replication jobs for 60 days to provide reporting on replication jobs and progress. This data is used to create Extraction Logs and Loading Reports, which provide insight into how Stitch replicates data from an integration.
End-to-end data security
Your data is secure in your data warehouse, but what about during the replication process? Stitch has you covered, from initial connection setup to when data is ultimately loaded:
- Integration connection encryption methods, including:
- SSL/TLS: Stitch uses SSL/TLS-based encryption for HTTP API integrations. We also attempt SSL connections by default for the majority of our destinations.
- SSH tunnels, both in- and outbound: With both database integrations and your data warehouse, Stitch can use built-in encryption functionality to both traditional and reverse SSH to tunnels to extract and load data.
- Amazon Virtual Private Cloud support: Stitch can connect to a database hosted in Amazon’s Virtual Private Cloud (VPC).
- IP address whitelisting
- Data encryption at rest and in transit, ensuring data security from extraction to loading. While at rest, Stitch encrypts data using the Advanced Encryption Standard (AES). While in transit, customer data is encrypted using TLS.
- Security configuration and user permissions for data warehouses allows you to control who accesses your data.
Stitch office security
Stitch has numerous protocols in place to protect your data as it moves through the cloud, but we also have several internal measures to secure our physical location:
- Stitch’s office is protected by electronic security and a 24/7/365 human staff.
- Employee workstations and the software that runs on them are kept up to date with the latest security patches.
- Stitch networks are protected by dedicated firewall services and intrusion detection systems to prevent unauthorized access, and our systems regularly undergo automated vulnerability scans.
In addition, new features undergo a security review by our team prior to release. Stitch is also regularly audited by security professionals who conduct penetration tests on our existing systems.
Account and team access
Whether you want to authorize a handful of colleagues or your whole team, it’s easy to invite people to Stitch. Enterprise accounts can add as many team members as needed to an account, so you don't have to worry about rationing access.
All users of an account have the same level of access. This means any authorized user can connect an integration or destination, modify connection settings, select or unselect tables and columns for replication, and pause replication.
Support, onboarding, and troubleshooting
While our goal is to make Stitch as user-friendly and intuitive as possible, there’ll still be times when you have questions or need help. Here’s where to look for answers.
Got a question about the data in one of your integrations? Trying to figure out your usage? Our extensive documentation includes setup guides for destinations and integrations, overviews of how each destination behaves and structures data, and detailed integration schema information.
We'll go into the technical details of Stitch in the next section of this guide, but if you'd like to jump into the docs, here are some quick links:
As part of our onboarding support, we’ll review your implementation during the free trial period to help you make the most of Stitch. Our team will provide you with explanations of any errors and suggested best practices to ensure you get the most out of Stitch.
If the docs don’t have what you’re looking for, the Stitch Support team will help you get to the bottom of things.
From 8 a.m. to 8 p.m. ET, our responsive, knowledgeable team is standing by to answer your questions or help you troubleshoot issues — all you need to do is click the pink chat bubble in the bottom right corner of any Stitch screen. If chatting isn’t for you, we also offer phone support for Enterprise customers.
Every Enterprise plan comes with priority support and the option to add support SLAs, ensuring your issues go straight to the top of the queue.