Security at Tailor Technologies. inc
As a provider of platform solutions to enterprise customers, Tailor is committed to ensuring platform security through both Enterprise and Product security approaches.
Enterprise security
Tailor's enterprise security approach involves securing our infrastructure, protecting customer data, and maintaining strict access controls (RBAC). To achieve this, we use network segmentation, firewalls, and intrusion detection systems (Endpoint protection), as well as conducting third-party security assessments (Vendor Security). We also provide regular security education and training to our employees to stay up-to-date on best practices and safeguard against potential threats (Security education).
Role-based access control (RBAC)
Tailor employees are granted access to applications based on their role, and automatically deprovisioned upon termination of their employment. Further access must be approved according to the policies set for each application.
Endpoint protection
All corporate devices are centrally managed and are equipped with mobile device management software and anti-malware protection. Endpoint security alerts are monitored with 24/7/365 coverage. We use MDM software to enforce secure configuration of endpoints, such as disk encryption, screen lock configuration, and software updates.
Vendor Security
Tailor assesses the security risk of vendors based on factors such as their access to customer and corporate data and their integration with production environments. We use this information to determine the inherent risk rating of the vendor. Finally, we evaluate the vendor's security to determine the residual risk rating and decide whether to approve the vendor.
Security education
Tailor provides comprehensive security training to all employees upon onboarding and annually through educational modules. Tailor’s security team shares threat briefings with employees to inform them of important security and safety-related updates that require special attention or action.
Product Security
Tailor's product security approach includes the protection of customer data through encryption (Data Encryption) and vulnerability assessments (Vulnerability). These measures help ensure that customer data is protected from unauthorized access and potential security risks are identified and addressed in a timely manner.
Data Encryption
At Tailor, the security of customer data is a top priority. To ensure its protection from unauthorized access, we use AES-256 encryption to encrypt all customer data at rest, and TLS encryption during transit. These industry-standard encryption protocols are designed to keep customer data secure at all times.
Vulnerability
To proactively identify and address potential security risks, Tailor performs regular vulnerability assessments. Any vulnerabilities that directly affect our systems and services are promptly patched or remediated based on the severity of the issue and the availability of a patch or remediation instructions.
Status Page
For the product status page, we use Statuspage, a third-party service that provides a public status page for Tailor.
Release Notes
For Release Notes, please see here.
SOC 2
Tailor complies with SOC2, which is a compliance framework by the American Institute of Certified Public Accountants' (AICPA).
Potential customers can reach out to us for more information.