Platform Security

Teramind is dedicated to the security of its product, its users and their data

Certifications & Frameworks

Teramind is an ISO 27001 certified company using ISMS controls and NIST framework to stay secure and keep all collected data safe.

ISO 27001 entails 114 controls separated into 14 classes and 35 categories that include asset management, access controls, physical and environmental security, risk management, compliance, cryptography, operations security, supplier relations and more. These controls and clauses govern both customer data processing and Teramind’s own internal data processes.
Obtaining and maintaining ISO 27001 certification requires the completion of three stages of audit. The first stage serves as an introduction, while the second stage entails a comprehensive audit of the organization’s security practices relating to the ISO controls. The final stage is ongoing. To remain certified, Teramind is audited regularly to ensure its security policies and procedures are operating as intended.
Teramind leveraged the ISO framework to create a common language for its security implementation to deploy the highest standard security and privacy controls and procedures throughout our own organization as well as for our customers’ data.

ISO 27001 Certification

Teramind received ISO 27001:2013 certification in 2018, with the certification conducted by Bureau Veritas. ISO is the international standard for best practices in information security. Organizations with ISO certification have proven through audit a demonstrated, ongoing commitment to the highest standards in data security and privacy.

ISMS

Teramind utilizes the Information Security Management System (ISMS) best practices which ensure the confidentiality, availability, and integrity of all of our IT assets. Nodes and repositories where data is hosted and stored are sensibly protected from threats and vulnerabilities.

Teramind’s ISMS program is built around policies that protect the confidentiality, availability and integrity of our IT assets in accordance with our strategic business objectives. To do so we practice: business continuity, acceptable use, configuration requirements and problem management in addition to the implementation listed below.
Teramind manages its risk by putting into place safeguards that include: information classification, physical security, access controls as well as managing passwords, documents, and incidents, including information security incidents.
Security policies are reviewed at least once a year by Teramind’s CISO and Information Security Committee (ISC).
Teramind assigned 7 levels of IS responsibility to ensure ISMS and ISO 27001 enforcement: CEO, CISO, HR Manager, Process & Quality Manager, Ops Admin, Director of Support Ops and IT Managers.
Our ISMS program implementation includes not only our products and services but also how we operate, maintain and improve information security at an organizational level. We hold ourselves and all individuals authorized to access our data including employees, associates, contractors and interns.
Teramind is committed to adhering to industry best practices for information security and the maintenance and improvement of our systems to ensure compliance with ISO 27001 and any relevant local and international requirements.
Teramind utilizes asset management, internal governance and threat assessment strategies and techniques to determine data security risks and vulnerabilities in our systems, assets and customer data.
We employ access controls, database security, employee awareness, cybersecurity training, technical resilience systems and industry best practices, policies and procedures to safeguard our information assets and ensure the delivery of critical services.
Teramind continuously monitors and assesses its infrastructure and data security to identify cybersecurity events in the shortest time possible. This includes regular penetration testing and red teaming of our systems to detect any weaknesses.
Our response to detected cybersecurity events follows the ISMS best practices covered in the section above to ensure a timely response. When an event is detected, we practice full transparency; coordinating with stakeholders and customers to ensure their awareness of events and what’s being done to remediate the event. Teramind’s remediation and mitigation system ensures similar future incidents are prevented.
Teramind follows the RC:Recover plan set by the NIST framework to recover after a cybersecurity event. It includes using forensic data to improve the security perimeter (RC.IM) and coordinating and communicating the threat intelligence with appropriate parties (RC.CO), including CSIRTs, SOC analysts, CSO/CISOs and auditors.

NIST

Teramind conforms to the National Institute of Standards and Technology (NIST) Cybersecurity Framework. This framework provides strict cybersecurity guidance for private sector organizations in the US for how to best prevent, detect and respond to cyberattacks. We use NIST standards for both customer data processing and internal business processes.

Secure Deployment Options

The data centers and storage used by Teramind for its On-Premise and Private Cloud deployments feature rigorous controls and compliance, offering uncompromising security.

Data Centers

Teramind Cloud deployments are hosted on multi-homed Tier-3 data centers. Tier-3 data centers are designed to handle large businesses and mission critical applications and meet the strictest reliability requirements

PCI accredited

Multi-ISO certified

Physical onsite protections with custom rack+cage security

N+1 Fault Tolerant, minimum 72-hour power outage protection

PS 951 certified

99.982% uptime

Maximum 1.6 hours of downtime per year

Multi-node architecture that ensures 99.82% SLA

Data Storage

Teramind uses the latest and most secure data storage practices to ensure customer data is stored safely and securely while still being accessible

256-bit AES encryption for all Teramind data, including customer data, at-rest

Encryption in motion to protect data being transmitted from network to public nodes

SSL with 4-key system and Active Validation for all HTTPS interactions

256-bit AES end-to-end encryption for all endpoint – server communications

TLS with a 4-key system and Active Validation for all Active Directory LDAP connections


Added in-platform protections assure customers have options for added layers of security

Active Directory integration capability

Role-based access control (RBAC) options and features

Multi-factor authentication (MFA)/Two-factor authentication (2FA) options


Teramind’s data retention and deletion policies protect cloud-deployment data

Adherence to GDPR’s Right to Erasure for EU citizens’ personal data

Deletion upon customer request policies

Session recordings are stored for a period of six months, after which they are deleted

Programmatic deletion of session recordings

Security, Scalability and Reliability are part of the Teramind Platform

Platform Security Measures & Service

Teramind utilizes other company-wide security measures in addition to the certifications we’ve received and frameworks we implement.

Teramind conducts regular pentesting and red teaming on the platform and Cloud instances as part of our security audit practices. Penetration testing allows us to identify vulnerabilities and security gaps in our system, test our incident response and assess our risks through ethical hacking and cyberattack simulation.
Cloud and private cloud deployments offer vertical and horizontal scaling with optional autoscaling to meet every organization’s capacity demands.
Teramind’s redundant platform utilizes failover mechanisms and is constantly monitored to ensure server and deployment health. Cloud deployments are automatically backed up daily while on-premise and private cloud deployments come with the option for automated backup if needed.
Teramind sets the industry standard for fastest Recovery Time Objective (RTO) and Recovery Point Objective (RPO) for both systems and customers.
All Teramind deployments are eligible for email, chat and remote session support while Teramind On-Premise and Private Cloud (AWS, Azure) deployments receive follow-the-sun support with an Enterprise SLA.
Intrusion detection
– We monitor communications, servers, and gateway subnets with threat analytics and have an internal NOC to respond to attacks, outages and other failures.

Port Blocking
– Teramind connections are only permitted over approved ports and all other ports are blocked to minimize intrusion.

FTP/SSH session
– All file transfers including internal file transfers are done over SFTP or FTPS. SSH sessions for administrative dashboard purposes require customer consent.

DDoS attack response
– Volumetric, application-layer and protocol-based distributed denial-of-service attacks are detected and prevented using software and hardware firewalls and other methods.
Background checks
– Teramind uses multiple assessment methods during recruitment. Critical employees and system admins are subject to security clearance for sensitive and government projects.

Contracts and NDAs
– All employees, including contractors, must sign non-disclosure agreements and contracts that explicitly state our security, privacy and integrity policies.

Employee Access
– Teramind follows a strict organizational structure that limits the spread of information and access, and only permits access to critical and sensitive information on a need-to-know basis.

Product Development
– We utilize industry-leading tools as well as our own proprietary software for product development, version control, code release and update/patch maintenance, and to ensure code integrity. Code reviews and third-party audits of development activity are periodically conducted.
Activity Monitoring
– Teramind utilizes its own Teramind UAM and Teramind DLP products to monitor its employees and data usage, including our third-party vendors, freelancers and contractors.

Employee Communications
– All email, chat, and web communications are encrypted. Employees use end-to-end encrypted messaging for in-house communications and our own deployed Teramind UAM & DLP add an extra layer of security by monitoring all communications.

Company Security Measures

Teramind’s top-down security encompasses the platform, the agent as well as our own business operations.
