Security Policy
Last Updated: September 2nd, 2022
Overview
At Talaera, we take the security of our customer’s data very seriously. This policy outlines the organizational and technological means implemented to ensure that this data is protected from unauthorized or inadvertent access, manipulation, or deletion. The document is divided into the following sections:
-
Server Infrastructure
-
Data Storage
-
Data Transfer
-
Authentication and Access Control
-
Application Monitoring and Testing
-
Customer Responsibility
Server Infrastructure
All of Talaera’s user-facing applications are operated in Amazon Web Services (AWS), in a dedicated Virtual Private Cloud (VPC). The specific servers that host and run Talaera processes are located in the United States of America. No Talaera employee or anyone affiliated with Talaera has physical access to these servers. Remote access is highly restricted internally and requires the use of a Bastion host. Further information on AWS data protection and security policies can be found on the AWS Cloud Security web pages.
Data Storage
All data is stored on AWS infrastructure and protected by AWS Cloud Security best practices. Data is encrypted while at rest, using a 256-bit Salsa20 stream cypher. All data is stored in the United States of America on multi-tenant servers. Customer data is logically separated and the Talaera application has multiple access control mechanisms in place to ensure that a user cannot access another user’s data.
Data Transfer
Talaera uses HTTPS to ensure that all data is encrypted while in transit to and from Talaera servers.
Authentication and Access Control
All access to the Talaera platform and associated services used in the development of Talaera is strictly controlled via internal access policies. Access is role-based, and Talaera employees with elevated privileges or access to any customer data are required to authenticate via Multi-Factor Authentication (MFA).
Customer access to the Talaera platform can be managed by the customer’s account manager or self-managed by designated individuals within the customer’s organization.
Application Monitoring and Testing
All of Talaera’s servers run intrusion prevention and anti-malware software. All of the development environments and code bases are scanned regularly for viruses, security vulnerabilities, and libraries are patched and upgraded accordingly.
Talaera also leverages server and application performance monitoring on our production systems, to identify any aberrant behaviors or performance bottlenecks that might degrade a user’s experience on the Talaera platform.
Customer Responsibilities
Customers are responsible for ensuring their own account credentials including username and password are kept safe and not shared with anyone. Please inform Talaera if a user’s credentials are suspected of being compromised.