Security & Data Handling

How we protect your data—and respect your ownership of it.

Access Control

  • Role-based access control (RBAC) for all systems
  • Multi-factor authentication (MFA) support
  • SSO/SAML integration available for enterprise deployments
  • Break-glass admin access with full audit trail
  • Least-privilege principles across all environments

Logging & Monitoring

  • Comprehensive audit logs for all data access and changes
  • Log retention configurable (default: 90 days, extendable to 1+ years)
  • Exportable logs in standard formats (JSON, CSV)
  • Real-time alerts for anomalous activity
  • Immutable audit trail for compliance workflows

Development & Security Practices

  • Code review required for all production changes
  • Automated dependency scanning and vulnerability alerts
  • Secrets management via encrypted vaults (never in code)
  • Regular security patching and updates
  • Encryption in transit (TLS 1.3) and at rest (AES-256)

Data Boundaries & Isolation

  • Logical tenant separation (data isolated per client)
  • Environment separation: dev, staging, production
  • No shared credentials across environments
  • Client data never used for training or analytics without explicit consent

Incident Response

  • Documented incident response process
  • Initial acknowledgment within 4 business hours
  • Root cause analysis and remediation plan within 48 hours
  • Post-incident report provided on request
  • Clear escalation path and communication protocol

Deployment Options

  • Cloud deployment (AWS, Azure, GCP) as default
  • Client VPC deployment available for added isolation
  • On-premises deployment discussed case-by-case
  • Hybrid configurations supported where needed

Data Ownership & Portability

  • You own your data—full stop. We're the processor, not the owner.
  • Export your data anytime in standard formats (JSON, CSV, SQL)
  • Data deletion within 30 days of request (with confirmation)
  • No lock-in: clear migration path if you move to another system

Compliance & Frameworks

  • We can work within SOC 2, HIPAA, and GDPR-aligned requirements
  • NDA available before any technical discussions
  • Willing to undergo client security questionnaires and audits
  • Documentation provided for your compliance workflows

Questions?

Have specific security requirements or questions? We're happy to discuss your needs in detail.