Data Security is a Core Principle at StoryFit

Data Security is a Core Principle at StoryFit

Protecting our customers’ intellectual property is so important to us, we built our entire company around security best practices.

We love stories as much as you do, and we understand every step of transforming narrative content into entertainment for the masses must be secure. Ensuring the tools used to develop, share, and promote your company's IP are secure is a top priority, and we couldn't agree more – not only is our site secure, but we don’t talk about customers’ projects with anyone. Security is part of our culture, baked into the processes we’ve built since day one.


How we secure your IP

When you transfer a script or manuscript to StoryFit, the file is encrypted using SSL/TLS. Each customer’s IP is stored in an isolated environment and remains encrypted at rest. From there, we use automated tools to generate metadata on your IP, then run the metadata (not the IP itself) through our machine learning algorithms to generate the insights and information we ultimately share with you.

At every stage of the process, we keep your IP encrypted and secure, and keep our OS and applications patched and updated.

While we live and breathe security around here, we also know it’s not enough to rely solely on our own expertise. So we turned to 1337 Defense (formerly known as Threatcare), a white hat security firm founded by a cryptography expert with 20+ years’ experience identifying security gaps for government agencies and other high-security organizations. We asked them to try to hack us, to look for vulnerabilities in our system and our processes, and to let us know what they discovered.

The 1337 Defense team got right to work, following National Institute of Standards and Technology (NIST) Special Publication 800-115 and Penetration Testing Execution Standard (PTES) recommendations to conduct a threat modeling exercise against our systems. They also used proprietary tools to map active ports and services, and conducted automated vulnerability scans to see if there were any security gaps. After mimicking cyber attacks on our network, hardware, applications, and even our employees, we earned their gold star of approval.

But we didn't stop there. Security threats grow and evolve all the time, so we're committed to an ongoing partnership with 1337 Defense to stay up-to-date on best practices.