Our infrastructure and security team includes people who’ve played lead roles in designing, building, and operating highly secure Internet facing systems.
However, our long experience has taught us that maintaining security is an ongoing process and that no one organization can hope to be the best at all aspects of security. So we work closely with the best partners we can find — like Rackspace for hosting and Stripe for payments — that focus exclusively on maintaining leadership in their particular areas of security expertise.
Most importantly, we respect your privacy and the security of your records. Everything we do at TeamsID is built around that respect and designed to maintain your privacy and security. We would never do anything with your data that we wouldn’t be proud to tell the world about.
• With TeamsID, you have the option of how you want your data hosted. You can host TeamsID yourself on premises, or you always have the option of choosing to host services in cloud servers managed by Rackspace, whom we believe to be the best in the business at managing secure cloud services. TeamsID does not run its own routers, load balancers, DNS servers, or physical servers.
• All our hosted services and data are managed in Rackspace facilities in the USA. Our hosted services have been built with disaster recovery in mind.
• All TeamsID hosted servers are within a virtual private cloud (VPC) with network access control lists (ACL’s), firewalls, and an Intrusion Detection System (IDS) that together help prevent any unauthorized requests.
For our TeamsID hosted services, we have uptime of 99.9% or higher. You can check our past statistics at: http://status.teamsid.com
• All customer data is stored in the USA.
• Customer data is stored in multi-tenant datastores; we do not have individual datastores for each customer. All data is stored using 256-bit AES encryption with multiple keys. We maintain strict privacy controls in our application code to ensure data privacy. We have regular unit and integration tests to ensure these privacy controls work as expected.
• Our API and application endpoints are TLS/SSL only and score an “A” rating on SSL Labs’ tests. This means we only use strong cipher suites and have features such as HSTS and Perfect Forward Secrecy fully enabled.
• TeamsID is served 100% over https. TeamsID runs a zero-trust corporate network.
• There are no corporate resources or additional privileges from being on TeamsID network.
• We maintain and enforce strong password policies.
Permissions and Admin Controls
• TeamsID enables organization admins to set permission levels for any employee with access to TeamsID.
• Permissions can be set to exclude access to organizations, teams, records, or record editing.
• On an application level, we produce audit logs for all activity.
• All access to TeamsID applications is logged and audited.
• All actions taken on production consoles or in the TeamsID application are logged.
Build Process Automation
• We have automation in place so that we can safely and reliably rollout changes to both our application and operating platform within minutes.
• We typically deploy code to the production environment multiple times a week.
• We engage with well-regarded “white hats” and independent services to audit our code base and work with us to resolve potential issues.
• Our ongoing auditing process allows us to do ad-hoc security analysis, track changes made to our setup and audit access to every layer of our stack.
• TeamsID complies with the U.S.-E.U. Safe Harbor Framework and the U.S.- Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from European Union member countries and Switzerland.
• TeamsID has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement.
TeamsID is not subject to PCI as all payment instrument processing is performed by a trusted partner that focuses exclusively on secure payment processing, Stripe.