Built for large organizations Learn more

Providing a secure knowledge management software is our top priority

Customers trust us to keep their proprietary data safe. We have a team of experts and robust security measures to provide excellent protection.

GDPR & Standard Contractual Clauses (SCC) for data transfers
SOC 2 Type II report Enterprise
Single sign-on (SSO) - SAML, AD Basic Business Enterprise
SCIM provisioning Business Enterprise

Operational practices

All employees must complete a background check during recruitment and sign our Acceptable Use Policy at the time of their employment.

Physical security

We use colocation facilities with industry-standard access controls including limited access, 24/7 on-premises security and biometric identity verification.


Your data is only accessible to a select group of technical personnel for the purpose of maintaining the security and availability of our service.


We support and comply with GDPR and use SCCs to cover data transfers. We do not mine your data for any reason, nor sell it to third-parties.


Explicit permission from you is strictly required if or when accessing the network with your data.

Information Security

Our robust Information security program is built on the reputable ISO 27001 framework. Access to our Information Security Policy can be provided after signing an NDA.


Your data is logically isolated into its own SQL schema and stored in separate databases accessible only by requests from your team.


All customer data is encrypted when in transit over public networks and within our network between the private Teams network zone and the rest of our infrastructure.

Frequently Asked Security Questions

General security measures for our knowledge management software

What is the difference between hosting yourself or in the Stack Overflow Enterprise Managed Cloud?

If you decide to host data in your own data center, this changes who has physical access to the servers.

Is client data encrypted?

The Stack Overflow Enterprise application requires the use of HTTPS in order for our clients to communicate with the site.

Who has access to login details?

Stack Overflow doesn’t store usernames or passwords that are owned and managed by your organization because we require you to configure a SAML 2.0 Identity Provider (IDP) in order for users to access the site. To successfully log in with an account from a configured SAML 2.0 IDP, we require a unique ID, an email, and a full name.

Which Security certifications do you have on an organizational level?

We operate according to Support Privacy Shield and GDPR. We also have a SOC 2 Type II report.

Security measures for hosting on your own premises

Where is Stack Overflow Enterprise Customer Data stored?

With Enterprise you have a choice between hosting the application in your own data center or cloud service.

Azure cloud security measures

Where is Stack Overflow Enterprise Customer Data stored?

For the Enterprise Cloud option, we use Microsoft Azure Cloud, which means you’ll have world class infrastructure and security of that platform as your backbone, including SOC II and ISO27001 certified infrastructure.

How do you separate my Team’s data from public Stack Overflow data?

Each Enterprise instance of Stack Overflow for Teams is isolated in its own Virtual Network within our Azure Cloud Subscription. This means that the infrastructure for your Team is not shared among our customer base and we provision each customer’s infrastructure in such a way that traffic and data never cross customer boundaries.

Can issues on other Enterprise clients instances affect my data?

No. The whole infrastructure is set up to isolate applications, networks, and ultimately your data from other customers. We provision a separate Virtual Network in our Azure Cloud Subscription for each customer.

What encryption is used on Azure?

For Cloud Hosted, we utilize SQL Transparent Data Encryption (TDE) to encrypted data at rest. Data in transit is encrypted using TLS 1.2 using a SHA256 certificate with a 2048-bit key.

Who has admin access at Stack Overflow?

Access is restricted to Site Reliability Engineers for Stack Overflow Enterprise who have been trained on the information security policies and guidelines in place. This includes guidelines for Data Loss and Leakage Prevention which aim to prevent customer data from ever leaving your provisioned resource group in our Azure Cloud subscription.

Where can I learn more about Azure Cloud?

Since we run and manage the Stack Overflow Enterprise Managed Cloud service through a SOC II and ISO27001 certified Azure Cloud, you can learn all about it in detailed specifications published by Azure Cloud on the security of its public cloud platform and infrastructure.

Need this security information to go?
Download PDF

Get to know our customers who rely on Stack Overflow for Teams.

See our customers