Committed to Security Excellence
Security is a top priority for our customers, and we understand that. Tahua is dedicated to providing best-in-class security offerings, with an ongoing focus on and investment in improving our security posture.
Tahua undergoes thorough independent audits annually, by way of penetration tests on our systems and networks, to ensure that we are doing everything we can to keep your customer data safe. Additionally, Tahua aligns itself with well-established security frameworks such as OWASP, CERT NZ and NZISM.
Tahua customer platforms are deployed on Amazon Web Services, a renowned and secure cloud service provider responsible for managing the physical security of hardware and networking. This assurance instills confidence in our customers, knowing that their information is safeguarded and their Tahua system is fortified against potential threats.
Your data is of the highest importance to us
Secure the Parts
Secure Data Location
Tahua understands that data sovereignty and jurisdictional requirements often call for hosting in specific regions. That is why we offer secure hosting in APAC and Europe. If you have unique hosting requirements, feel free to discuss them with us to see how we can help.
Application Security Processes
Tahua aligns its internal application security processes with best practices through peer code reviews and automatic static analysis of code changes using Brakeman, a well-established security scanner.
Additionally, Tahua runs automatic scans on dependencies for known vulnerabilities using GitHub Dependabot. These are patched within acceptable timeframes in line with the severity of the vulnerability.
All Tahua platforms are virtually isolated within an Amazon Virtual Private Cloud (VPC). Public traffic is limited to web traffic only, with the remaining services contained within private subnets and locked down using Security Groups. Resource access is managed through stringent IAM policies that enforce least-privilege access.
All Tahua data is encrypted in transit via TLS 1.2+. Databases, file systems and automated backups are encrypted at rest using industry-standard AES-256 encryption. Application encryption keys are stored in AWS Key Management Service (KMS) and accessed under least-privilege access.
Our internal staff take the utmost care with your data by way of tightly controlled administrative access to your platforms and least-privilege access enforced through tightly controlled IAM policies. Consent is obtained before data is accessed, and audit data is logged to give a clear paper trail of events if needed.
Tahua maintains Business Continuity and Disaster Recovery Plans (BCP & DR), with annual review and simulation, to be prepared for an unlikely disaster or widespread outage event.