SECURITY & DATA PROTECTION

Your employee data is secure with us.

Your data and privacy is sacrosanct. Which is why we’ve put in enterprise-grade safeguards to make sure it stays secure and protected.

Compliance Forms. Tydy makes it simple and easy to capture data for compliance.
Capture skills data. Create custom forms to capture skills and other personal data.
Contextual Feedback. Do not wait for day 30 or the quarterly analysis. Ask for feedback as soon as an event happens. 

Internationally certified and compliant

We comply with global data protection and security frameworks and undergo routine audits to receive updated certifications.

DATA & INFRASTRUCTURE SECURITY

Employee data is sensitive and we’ve built our platform keeping that in mind.

Secure infrastructure provider

We are hosted on the same reliable & scalable infrastructure that is used to power Amazon.com and other large enterprises. AWS facilities are protected by a number of security features such as backup power, fire suppression, HVAC systems, 24/7 on-site security, security feeds, intrusion detection technology, and more.

Data encryption in transit & at rest 

Data sent to or from Tydy uses high-grade TLS 1.2 (https) technology. This is industry standard technology, used by all tech giants and financial institutions. And at rest, data is encrypted using AES-256 key encryption. 

Automated data redundancy and data backup

Tydy’s infrastructure has been designed to be fault tolerant. All databases operate in a cluster configuration and the application tier scales using load balancing technology that dynamically meets demand.
Our data centers backup data at least once a day and it is fully restorable within a reasonable time in the unlikely event of a problem.

Strict access controls

Access to all Tydy systems is managed through our identity provider, which automates user provisioning, enforces 2-Factor Authentication, and logs all activity.
When choosing a new password, we help customers pick strong passwords that have not been exposed in security breaches on other websites.

Server security and monitoring

All servers are configured using security guidelines, and images are managed centrally. Changes to the company’s infrastructure are tracked, and security events are logged appropriately.
The cloud operates 44 Availability Zones within 16 geographic regions around the world, and is expanding constantly.

PRODUCT SECURITY

At Tydy, while security is everyone’s responsibility, our developers and engineers are our most important gatekeepers.

Penetration testing and App Monitoring

Our engineers regularly run internal penetration tests and all app access is logged and audited. A Web App Firewall (WAF) and Runtime App Self Protection Agent (RASP) keeps our systems protected at all times. In addition, 3rd party penetration tests are conducted by global agencies to verify security of the platform.

Development and change management process

Code development is done through a documented SDLC process, and every change is tracked via GitHub. Automated controls ensure changes are peer-reviewed and pass a series of tests before being deployed to production.

Third-party vendor security

We carefuly vet all third-party apps and providers to make sure that they meet our data protection standards before using them. All vendors must sign an NDA before getting access to our systems.

PEOPLE SECURITY

We expect the highest standards of ethics and integrity from our people.

Security policies 

Tydy maintains a set of comprehensive security policies that are kept up to date to meet the changing security environment.

Onboarding process

As you could imagine, we spend a lot of time obsessing about our onboarding :) Every new hire at Tydy must pass a thorough background check. These checks are also required to be completed for contractors. All new hires are required to sign Non-Disclosure and Confidentiality agreements.

Security training

Tydy employees attend a Security Awareness Training, which is given upon hire and annually thereafter. All engineers receive annual Secure Code Training. 

Offboarding process

Departing employees access to devices and apps are switched off instantly during their offboarding process.

Safe and sound. Your data is our responsibility and we take it very seriously.

Let's start by scheduling your demo.
Schedule your demo