Security
MyTesora is built with enterprise-grade security from the ground up. We understand that actuarial data is sensitive, and we take its protection seriously.
Encryption
All data is encrypted at rest using AES-256 and in transit using TLS 1.3.
SOC 2 Type II
Our infrastructure and processes are SOC 2 Type II certified.
Dedicated Environments
Enterprise customers can opt for dedicated, isolated environments.
Access Controls
Role-based access controls with SSO integration and MFA support.
Business Continuity
Regular backups with point-in-time recovery and disaster recovery planning.
Audit Logging
Comprehensive audit logs for all system and user activities.
Our Security Practices
Infrastructure Security
MyTesora runs on secure cloud infrastructure with multiple layers of protection. We use virtual private clouds (VPCs), network segmentation, and web application firewalls to protect against unauthorized access and attacks.
Application Security
Our development practices include secure coding guidelines, regular code reviews, static analysis, and penetration testing. We follow OWASP guidelines and maintain a vulnerability management program.
Data Protection
Customer data is logically separated and access is strictly controlled. We maintain data residency options for customers with specific requirements and support data deletion upon request.
Employee Security
All employees undergo background checks and security training. Access to customer data is limited to those who need it and is logged for audit purposes. We enforce the principle of least privilege across our organization.
Incident Response
We maintain a documented incident response plan with defined procedures for detection, containment, eradication, and recovery. Customers are notified promptly of any security incidents that affect their data.
Security Questions?
For security inquiries or to report a vulnerability, please contact our security team.
security@mytesora.com