Transcepta never stops working to ensure your business is safe in our hands – our security and privacy is built on industry best practices and continuous compliance validation.
All our products are secure by design. Every change and feature adheres to secure coding guidelines and is subjected to code analyzer tools, vulnerability scanners, and manual review processes. Our Software Development Life Cycle (SDLC) framework, built on industry best practices, is designed to ensure secure engineering principles are incorporated in the design process, coded into the implementation process, validated in the deployment process.
Our security framework ensures that each customer’s data is logically separated from other customers’ data. Furthermore, we provide encryption at rest as well as in transit to protect our customers’ data. Data retention and backup happens continuously in a secure manner across encrypted networks and encrypted persistence layers.
Disaster recovery and business continuity
Our disaster recovery and business continuity programs help us provide our customers with high data availability. Customer data is hosted in the Azure cloud with geographically diverse disaster recovery sites. This ensures that operations carry on smoothly with minimal or no loss of time, if one geographic area fails, another will come online.
We have a robust logging and monitoring system to ensure clean and secure traffic through our servers. We use intrusion detection and prevention systems to ensure protection and prevent misuse of our infrastructure. We use a combination of certified third-party scanning tools and in-house tools to manage vulnerabilities.
Risk Assessment Program
Transcepta has a documented risk management procedure and Secure Software Development Life Cycle process. We perform risk assessments of our products and infrastructure on a regular basis, including a review of our data classification policies and targeted reviews of highly confidential data flows.
A full security monitoring and incident response program is in place to alert, investigate, triage and remediate security events. Our Incident Response team performs a full investigation to determine the scope and impact of any security event or suspected incident and coordinates with the relevant teams for remediation.
- Encryption at rest
- Encryption in transit
- Single-sign on (SSO)
- Role-based access controls
- Logging, auditing and monitoring features
- Continuous, secure replication
We comply with the following industry-accepted standards to help you ensure your data is secure and compliant.
If you have any questions about our security policy, please contact firstname.lastname@example.org.