Security Statement

Effective Date: February 24, 2026

Commitment

Stella Maris Governance LLC maintains security practices consistent with the standards we advise our clients to implement. As a firm specializing in CMMC readiness and defense compliance, we hold ourselves to the same rigor we expect from the organizations we serve.

Website Security

This website enforces the following security controls:

Infrastructure

The firm's website is hosted on Cloudflare Pages with global CDN distribution. DNS is managed through Cloudflare with DNSSEC enabled. Internal business systems are hosted on dedicated infrastructure behind Cloudflare Access with identity-based authentication.

Operational Security

All firm systems employ full disk encryption, hardware-based multi-factor authentication, endpoint detection and response, and encrypted backup with geographic redundancy. Business communications are conducted through encrypted channels. Client data handling follows documented information governance procedures.

Client Data Handling

The Firm does not store client CUI (Controlled Unclassified Information) on public-facing infrastructure. Client engagement data is handled in accordance with documented data handling procedures. NDA is available prior to any detailed scoping discussions.

Vulnerability Reporting

If you identify a security concern related to this website or any Stella Maris Governance infrastructure, please report it to robert@stellamarisgovernance.com. We take all reports seriously and will respond promptly.

Continuous Improvement

Security practices are reviewed and updated regularly. Governance artifacts are tracked within a dedicated GRC environment with version control and evidence traceability. The Firm's security posture is aligned with NIST SP 800-171 control requirements.