Data encryption

All data running through TeamSense is encrypted in transit and at rest. Connection to TeamSense is secured through TLS using modern cipher suites.

Data access

We limit TeamSense employee access to our customers’ data on a need-to-have basis, with regular tests and reviews of those permissions. Role-based access controls (RBAC) are built into the TeamSense application to allow our customers to grant or restrict access to certain capabilities.

Data centers and system security

TeamSense is hosted in Microsoft Azure, allowing us to benefit from its world-class security posture. Azure data centers provide multi-layered security across physical data centers, infrastructure, and operations, meeting SOC 2, ISO 27001, and numerous other security standards.

Microsoft Azure servers are automatically updated and maintained. Additionally, TeamSense reviews, scans, and updates our systems and code on a regular basis to address security threats. Furthermore, we continuously monitor our systems for errors and crashes and act on those events immediately.

TeamSense conducts penetration tests with third parties on an annual basis to identify and fix any vulnerabilities in our system.

Data continuity

TeamSense systems are configured to be redundant and to fail-over if a fault should occur. Servers are located across multiple data centers with automatic recovery. Redundancy and auto-recovery are tested in our maintenance cycles and through regular recovery tests. Database data is continuously backed up to highly durable, cloud storage.

Network security

Inbound traffic is disabled by default and only allowed for specific, known protocols and traffic. TeamSense also runs intrusion detection and monitoring for out-of-ordinary traffic, acting on those events immediately, should they occur.

GDPR & CCPA

TeamSense implements GDPR controls to help our EU customers meet compliance requirements, and have all of the CCPA controls in place to protect your data.

Please reach out to security@teamsense.com (a carefully controlled and monitored account) for any questions or to raise any concerns or vulnerabilities.