Taltrics Security Overview

Taltrics Security Overview

At Taltrics, protecting our customers' data is our highest priority. We have implemented comprehensive security measures across all aspects of our infrastructure, from hosting and data storage to authentication and monitoring. Below, we outline the key practices and technologies we employ to ensure the security and integrity of our systems.

- Data Protection
Compliance and Best Practices Taltrics is committed to adhering to industry best practices for security and data protection. We continually evaluate and enhance our security protocols to align with evolving standards and regulations.
- Infrastructure
Hosting and Architecture Our services are hosted on a robust and secure cloud infrastructure. We deploy our applications on scalable compute instances, allowing us to scale efficiently while maintaining high performance.
Security Certificates We use a certificate management service to manage SSL/TLS certificates, ensuring secure communication between clients and our services.
Disaster Recovery and Redundancy Our systems are designed with redundancy and failover capabilities. This architecture minimizes the risk of service disruptions and enhances resilience.
Data Centers Our infrastructure is hosted in data centers that hold multiple certifications, including:
  • ISO 27001
  • ISO 27017
  • ISO 27018
  • SOC 2 Type II
  • PCI DSS Level 1
  • FedRAMP
  • HIPAA
Vulnerability Management We proactively manage vulnerabilities by conducting regular security assessments, including scans and penetration tests. We use a secrets management service for secure handling of sensitive information such as API keys and database credentials.
Firewall and Network Security Our network security is enhanced using security groups and network access control lists (ACLs) to control inbound and outbound traffic at the instance and subnet levels. We lock down all non-essential ports and use load balancers as an additional layer of security to manage incoming traffic.
- Data Management
Secure Data Storage Customer data is securely stored using a cloud database service with advanced security features. The service holds certifications such as:
  • ISO 27001
  • SOC 2 Type II
  • PCI DSS
  • HIPAA
File Storage We use secure file storage services that provide durable and scalable storage with advanced security features, including server-side encryption and access policies. The file storage service is certified under:
  • ISO 27001
  • ISO 27017
  • ISO 27018
  • SOC 2 Type II
  • PCI DSS Level 1
Logging and Monitoring We utilize logging and monitoring tools for comprehensive visibility into our systems. These tools help us detect and respond to issues promptly. Certifications for these services include:
  • ISO 27001
  • SOC 2 Type II
  • GDPR Compliance
All logs are encrypted, and sensitive information is sanitized to prevent exposure.
- Authentication and Access Control
Secure Authentication Taltrics utilizes an authentication and authorization platform for secure user authentication and password management. This platform provides robust features, including support for Single Sign-On (SSO) and Multi-Factor Authentication (MFA). The platform's certifications include:
  • ISO 27001
  • ISO 27018
  • SOC 2 Type II
  • PCI DSS Level 1
  • FedRAMP Moderate
  • GDPR Compliance
Staff Access Control Access to critical systems by our staff is tightly controlled. Multi-factor authentication is required, and permissions are granted based on role necessity. Regular audits ensure adherence to the principle of least privilege.
User Roles and Permissions Our platform supports detailed user role configurations, allowing for granular control over access to data and functionalities. This helps protect sensitive information, including Personally Identifiable Information (PII).
- Encryption Practices
Data Encryption in Transit All data transmitted between clients and our servers is encrypted using industry-standard protocols such as TLS 1.2 and above. We enforce HTTPS across all web services, utilizing certificates managed by our certificate management service to secure communication over the internet.
- Policies and Compliance
Security Policies We maintain comprehensive security policies covering all aspects of our operations. These policies are regularly reviewed and updated to reflect the latest industry standards and are enforced throughout our organization.
Incident Response Plan Taltrics has an established incident response plan to address and mitigate security incidents swiftly. Our team is trained to handle security events promptly and effectively.