StarfishETL security features

StarfishETL security features

StarfishETL security features



Compliance and data privacy

·       No data kept at rest on  StarfishETL iPaaS servers

·       Data in motion is encrypted using HTTPS

Infrastructure protection

·       StarfishETL iPaaS servers hosted on AWS 

·       Servers are hosted on the Eastern US locations.

·       AWS data centers and a network architected to protect information, identities, applications, and devices. 

·       Access to the servers by the StarfishETL Cartographer Operations team governed by documented procedures to keep system access secure.


Threat detection

·       AWS identifies threats by continuously monitoring the network activity and account behavior within your cloud environment.

·       Cartographer Operations team monitors activity per documented procedures and will inform 

GDPR compliance

StarfishETL team provides easy-to-access information during the opt-in process so an individual may request any personal information that  StarfishETL processes about them including:

·       The personal data held about them

·       The purposes of the processing

·       The categories of personal data concerned

·       The recipients to whom the personal data has/will be disclosed

·       How long  StarfishETL intends to store the personal data

·       If StarfishETL did not collect the data directly from them, information about the source

·       The right to have incomplete or inaccurate data about them corrected or completed, and the process for requesting this

·       The right to request erasure of personal data (where applicable) or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from  StarfishETL, and be informed about any automated decision-making that is used

·       The right to lodge a complaint or seek judicial remedy, and who to contact in such instances

Password encryption 


·       Uses AES 256-bit encryption

·       Endpoint credentials

·     Cartographer login credentials

·       Both Cartographer and on-premises deployed environments encrypt login credentials.

·       On-premises Cartographer (Admin) does not require login credentials. Password encryption is therefore not required.

Password recovery

·        StarfishETL iPaaS supports password recovery. Password recovery is initiated through a link on the login page. Reset links are sent to the email associated with the user requesting the password reset.

·       On-premises Cartographer (Admin) does not require login credentials. Password encryption is therefore not required.




Encrypted SQL DB

·        StarfishETL leverages SQL for storage of project metadata, transaction history, foreign key cross-references, project configuration data and end point metadata.

·        StarfishETL iPaaS local storage is encrypted using SQL Server’s encryption tools.

·       On-premises systems can opt in to encrypt SQL DB by setting up SQL server to encrypt the local database.

Configurable single outbound connection to  StarfishETL iPaaS services

·       Utilize the  StarfishETL Ray as the configurable single outbound connection agent that will connect to the  StarfishETL iPaaS services.

·       Securely exposes protected internal systems to allow integrations with Cartographer systems

·       Light footprint agent is installed within the client’s network which enables bi-directional SSL encrypted communication

·       Once Agent is installed, connections and mappings are administered using the Cartographer 

·       Single outbound connection to our secured servers


Data over the wire encrypted using HTTPS

·       StarfishETL connections over the internet use HTTPS to encrypt data over the wire.

Whitelist StarfishETL iPaaS

·       Whitelisting a server’s IP that needs access to a server inside a firewall is a common technique used by our customers to increase security.

·       Whitelisting the  StarfishETL iPaaS server’s IP address associates the server as a secured location. 

·       Whitelisting often meets high security requirements for physical servers outside of company’s secure environment.




    • Related Articles

    • SugarCRM REST Connector

      SugarCRM REST Origin Use JSONLint to validate JSON: Sample Origin Filters See the GET /<module> filterList in the SugarCRM REST Help: https://SERVER/rest/v10/help/ Note the [{...}] surrounding the filter. This is required. ...
    • StarfishETL iPaaS Logging Features and Settings

      StarfishETL iPaaS Logging Features and Settings StarfishETL iPaaS has a number of options for logging and monitoring integration activity. Logging is required at various stages of the integration mapping process, during the testing phase prior to ...
    • StarfishETL Cartographer 2-factor Authentication (2FA)

      The latest update for StarfishETL Cartographer has 2-factor authentication (2FA) enabled. Update applied to StarfishETL Cartographer servers March 26, 2020. This feature is part of the StarfishETL product strategy to continually improve your ...
    • StarfishETL Updater

      Update Wizard StarfishETL has a built-in updater. To start, click the Starfish button and select “Check for Updates” or launch StarfishUpdater.exe directly from within the Connect Creatio Admin installation path. NOTE: It is often times necessary to ...
    • Writing to a local CSV from the StarfishETL Cartographer

      Even though more and more services are moving to cloud-based solutions, often times we still need to interface to on-premises software using CSV files. To do this using the StarfishETL iPaaS system, you'll need to set up a Starfish Ray. A Ray will ...