TernioSwitch Security Whitepaper
Ternio’s mobile application, the TernioSwitch, provides a mobile
telephony solution to users worldwide “mobilizing their workforce”.
Security is a key component in our application and is
reflected in our people, process, and app.
This page covers topics like data security, operational security,
and physical security to explain how we offer security to our customers.
Updated on: February 3rd 2020
Our security strategy involves the following components:
♦ Organizational security
♦ Physical security
♦ Infrastructure security
♦ Data security
♦ Identity and access control
♦ Operational security
♦ Incident management
♦ Vendor & Third Party disclosures
♦ Customer controls for security
We employ strict policies and procedures encompassing the security, availability, processing, integrity, and confidentiality of customer data.
Employee background checks
Each employee undergoes a process of background verification. We hire reputed external agencies to perform this check on our behalf. We do this to verify their criminal records, previous employment records if any, and educational background. Until this check is performed, the employee is not assigned tasks that may pose risks.
Each employee, when inducted, signs a confidentiality agreement and acceptable use policy, after which they undergo training in information security, privacy, and compliance. We provide training on specific aspects of security, that they may require based on their roles.
We educate our employees continually on information security, privacy, and compliance in our internal community where our employees are kept up to date regarding the security practices of the organization.
Security and Privacy team
Internal audit and compliance
We review procedures and policies in Ternio to align them with standards, and to determine what controls, processes, and systems are needed to meet the standards.
All Ternio workstations run up-to-date OS versions and are configured with anti-virus software. They are configured such that they comply with our standards for security, which require all workstations to be properly configured and patched. These workstations are secure having strong passwords, and get locked when they are idle.
Learn more HERE.
Our data is hosted on Microsoft Azure servers. Microsoft takes a layered approach to physical security, to reduce the risk of unauthorized users gaining physical access to data and the datacenter resources. Data centers managed by Microsoft have extensive layers of protection: access approval at the facility’s perimeter, at the building’s perimeter, inside the building, and on the datacenter floor.
Learn more HERE.
All the components of our platform are redundant. We use a distributed grid architecture to shield our system and services from the effects of possible server failures. If there’s a server failure, users can carry on as usual because the TernioSwitch will still be available to them.
Learn more HERE.
Secure by design
Every change and new feature is governed by a change management policy to ensure all application changes are authorized before implementation into production. Our Software Development Life Cycle (SDLC) mandates adherence to secure coding guidelines, as well as screening of code changes for potential security issues with our code analyzer tools, vulnerability scanners, and manual review processes.
Each customer’s data is logically separated from other customers’ data using a set of secure protocols in the framework. This ensures that no customer’s service data becomes accessible to another customer.
The service data is stored on our servers when you use our services. Your data is owned by you, and not by Ternio. We do not share this data with any third party without your consent.
Given our focus on Privacy & Security by Design, it’s important to understand how we’ve built the TernioSwitch from the ground up with the idea of providing a robust and extremely secure app that companies can comfortably use to mobilize their workforce. The TernioSwitch remains isolated from the customer’s actual call data. To achieve this we separate the user’s login process from the functioning of the mobile app with the contact center platform.
When a user initially logs into the TernioSwitch they enter their user ID, Password and mobile number. The only data that is transmitted to our servers is the User Name (encrypted). Note that the password and mobile number remain on the mobile app and is not sent to our servers.
(Ternio does not have access to this password, therefore we do not have access to the company data).
We then confirm that this user is registered to use the TernioSwitch on our servers. If so, our servers send back API Keys to the mobile app (fully encrypted). The TernioSwitch now sends the User Name and API Keys to the Five9 servers communicated through HTTPS (Hypertext Transfer Protocol Secure- this communication protocol is encrypted using Transport Layer Security (TLS 1.2). Five9 then sends back a single-use security token for this specific user to the TernioSwitch mobile app. From this point on, all communication is between the mobile app and the Five9 servers directly using this security token during this session.
In transit: All customer data transmitted to our servers over public networks is protected using strong encryption protocols. We mandate all connections to our servers use Transport Layer Security (TLS 1.2) encryption with strong ciphers, for all connections including web access, API access, our mobile apps. This ensures a secure connection by allowing the authentication of both parties involved in the connection, and by encrypting data to be transferred.
We have enabled HTTP Strict Transport Security header (HSTS) to all our web connections. This tells all modern browsers to only connect to us over an encrypted connection, even if you type a URL to an insecure page at our site. Additionally, on the web we flag all our authentication cookies as secure.
At rest: Customer data at rest is encrypted using 256-bit Advanced Encryption Standard (AES). We own and maintain the keys using our in-house Key Management Service (KMS).
Data retention and disposal
Once you terminate your Ternio user account, your data will get deleted from the active database during the next clean-up that occurs once every 6 months. We will manually delete your data at any time upon request.
Physical Location of Servers
Ternio’s servers are hosted on Microsoft Azure servers located in South/Central US in Texas.
Identity and Access control
We employ technical access controls and internal policies to prohibit employees from arbitrarily accessing user data. We adhere to the principles of least privilege and role-based permissions to minimize the risk of data exposure.
Access to production environments is maintained by a central directory and authenticated using a combination of strong passwords and two-factor authentication.
Logging and Monitoring
We monitor and analyze information gathered from services, internal traffic in our network, and usage of devices and terminals. We are building a record keeping system for this information in the form of event logs, audit logs, fault logs, administrator logs, and operator logs. We are in the process of automating the monitoring and analyzing of these logs which will help us identify anomalies. We will store these logs in a secure server isolated from full system access, to manage access control centrally and ensure availability.
Our internal vulnerability policy is that once we identify a vulnerability requiring remediation, it is logged, prioritized according to the severity, and assigned to an owner. We further identify the associated risks and track the vulnerability until it is closed by either patching the vulnerable systems or applying relevant controls.
Malware and spam protection
the TernioSwitch application runs on Microsoft Azure servers. These are Managed Servers and therefore are protected and kept up to date using multiple anti-virus and malware systems. Please click HERE for more details. Our workstations use Windows Defender for our malware and anti virus to align with Azure, and get updated automatically as new updates are released.
We run full backups once a week. Backup data is encrypted at rest, as the original data. All backed up data is retained for 30 days.
Disaster recovery and business continuity
Application data is stored on resilient storage with Microsoft Azure that is replicated across data centers. Data in the primary DC is replicated in the secondary in near real time. In case of failure of the primary DC, secondary DC takes over and the operations are carried on smoothly with minimal or no loss of time. All data centers are equipped with multiple ISPs.
Microsoft Azure has power back-up, temperature control systems and fire-prevention systems as physical measures to ensure business continuity. We also maintain sufficient storage to prevent log failure due to overflow. These measures help us achieve resilience. In addition to the redundancy of data, we have a business continuity plan for our major operations such as support and infrastructure management. Click HERE for more information.
Recovery Time Objective(RTO) and Recovery Point Objective(RPO)
In addition to having failover in place, our RTO and RPO policy is as follows: our RTO service level is within 24 hours. Note that the actual time will be significantly less than 24 hours since our threshold is 3 hours after disaster recovery. Our data level for RPO is actually within 5 minutes. Given that we do not store data other than credentials, to fully restore all of the user credentials would be within a few minute threshold.
We notify you of the incidents in our environment that apply to you, along with suitable actions that you may need to take. We track and close the incidents with appropriate corrective actions. Whenever applicable, we will provide you with necessary evidences regarding incidents that apply to you. Furthermore, we implement controls to prevent recurrence of similar situations.
We will respond to the security or privacy issues that you report to us through email@example.com with high priority. For general incidents, we will notify users through our newsletter as soon as feasible. For incidents specific to an individual user or an organization, we will notify the concerned party through email (using their primary email address of the Organization administrator registered with us).
We will notify the concerned Data Protection Authority of a breach within 72 hours after we become aware of it, according to the General Data Protection Regulation (GDPR). Depending on specific requirements, we notify the customers too, when necessary.
Customer controls for security
So far, we have discussed what we do to address security on various fronts for our customers. Here are the things that you as a customer can do to ensure security from your end:
- -Choose a unique, strong password and protect it.
- -Set a timeframe requirement for password resets.
- -For extra security, reset your API Keys every 90 days and provide to Ternio support.
- -Use the latest browser versions, mobile OS and updated mobile applications to ensure they are patched against vulnerabilities and to use latest security features
Security of your data is your right and a never-ending mission of Ternio. We will continue to work hard to keep your data secure, like we always have. For any further queries on this topic, feel free to contact us at support@terNio.com.
- Zone-redundant storage (ZRS): Zone-redundant storage maintains three copies of your data. ZRS is replicated three times across two to three facilities to provide higher durability than LRS. Replication occurs within a single region or across two regions. ZRS helps ensure that your data is durable within a single region.
Anti-Virus & Malware Security
The TernioSwitch application runs on Microsoft Azure servers. These are Managed Servers and therefore are protected and kept up to date using multiple Anti-Virus and Malware systems. Please see link for more details: https://docs.microsoft.com/en-us/azure/security/fundamentals/antimalware. Our workstations use Windows Defender for our malware and anti-virus to align with Azure, and get updated automatically as new updates are released.