Security at Televic Group
Security is our top priority and embedded into all processes. We remain vigilant and focus on continuous improvement.
We encourage security researchers to responsibly disclose any potential vulnerabilities uncovered to firstname.lastname@example.org. We are committed to addressing security issues responsibly and in a timely manner. To protect our customers, we request that you please refrain from sharing information about any potential vulnerabilities with anyone outside of Televic until we have had the opportunity to review and address them with you.
This version of the Security was reviewed on August 1, 2023.
Why we are trusted by a variety of customers around the globe
Our security program includes governance and technical controls to ensure our infrastructure, data, and code are secure and monitored. We maintain a mapping of our controls onto ISO 27001.
All data are encrypted in transit and at rest in Televic Group systems. We secure all data in transit via TLS 1.2 or higher, meeting industry standards. Symmetric encryption (AES-256) is used to protect data at rest.
Televic Group has partnered with independent external security resources to ensure we properly execute our security program. Regular vulnerability assessments and penetration tests and review of our policies, vendor management, and risk management programs are critical to our infosec program.
Televic Group Security
- All data is stored in Televic Group’s Azure environment or in our on-premises datacentres. All infrastructure is hosted in EU regions.
- We strongly believe in least-privilege access to all infrastructure.
- All users authenticate using SSO with MFA.
- Network vulnerability scans are performed on a monthly basis.
- Perimeter firewalls block unauthorized ports, protocols and attacks.
- All data is encrypted in transit and at rest in our systems.
- Televic Group secures all data in transit via TLS 1.2+. Systems are configured to require the TLS protocol, meeting industry standards for externally facing systems. An up-to-date assessment of our, TLS configurations is available at SSL Labs SSL Test.
- Symmetric encryption (AES-256) is used to protect data at rest., This ensures data is only viewable by authorized users.
- All access to data sources, queries, and results is logged and audited.
Independent verification and auditing
- Televic Group has partnered with independent external security resources to ensure we properly execute, our security program.
- We treat consistent monitoring of our infrastructure through regular vulnerability assessments and penetration tests, along with a review of our policies, vendor management, and risk management programs, as critical for our information security program.
- We rely on our relationships with security, compliance, and governance partners to ensure Televic Group is held to the highest standards.
Our additional security programs.
We require annual security training for all Televic Group employees, including review of and attestation to Televic Group’s Information Security & Privacy Policies.
Our asset management policies require tracking and inventory of all hardware. We use device management to enforce security settings, anti-virus, updates and hard drive encryption.
Our identity and access management program ensures data is only available to appropriate parties. Televic Group employees are granted access on a least-privilege methodology, and such access is monitored and regularly audited.
We maintain a robust vendor management program and require vetting of all third-party software and contractors. Our Incident Response Plan and Business Continuity/Disaster Recovery Plan are reviewed and tested annually.