Our security follows three themes
Telemetry will lead our peers in cloud and product security.
Telemetry will meet all customer requirements for cloud security and exceed requirements for industry security standards and certifications.
Telemetry will remain open and transparent about our programs, processes, and metrics.
Certifications
Telemetry is SOC 2 Type 2 Compliant. This means our company has been certified by an independent auditor to be secure and resilient.
Practices
Security starts with our team. Our team of engineers, product managers, and quality assurance personnel continually focus not only on the security of our products, but also the security of each of our environments.
Focus Areas
Product security
Security of our product and platform
Ecosystem security
Security of our cloud environments and connection points
Security intelligence
Anticipating, detecting and responding to security incidents
Corporate security
Internal security with respect to our internal network and infrastructure
Development
Security built into the software development processes
Awareness and training
Ensuring our employees and partners know how to work securely
Environmental and Network Security
Building security into our network architecture
Telemetry practices a layered approach to security for our networks. We implement controls at each layer of our cloud environments, dividing our infrastructure by zones, environments, and services. We have zone restrictions in place that include limiting office/staff, customer data, and network traffic. We also have environment separation to limit connectivity between production and non-production environments, and production data is not replicated outside of production environments. Access into production networks and services is only possible from within those same networks – e.g. only a production service can access another production service.
ZeroTrust
Never Trust. Verify. Access to all systems and resources (Corporate, Development, Infrastructure, Data, Networking) are all based on positive verification and the correct ability to access such resources regardless of users’ role, location, status, etc.
Human focused penetration testing
Telemetry engages with security partners to proactively probe our applications and infrastructure to determine weaknesses and evaluate our security posture.
Encryption
All data is encrypted in transit and at rest. No exceptions. We do not store any unnecessary data such as payment methods.
Constant monitoring
All exposed surfaces, internal networks, servers and contains are constantly scanned and evaluated as new threats emerge.