Committed to Security Excellence

Security is a top priority for our customers, we understand that. Tahua is dedicated to providing best in class security offerings and an ongoing focus and investment in improving our security posture.

Tahua runs thorough independent audits annually by way of penetration tests on our systems and networks to ensure that we are doing everything we can to keep your customer data safe. Additionally, Tahua aligns itself with well established security frameworks such as OWASP, CERT NZ and NZISM

Tahua customer platforms are deployed on Amazon Web Services, a renowned and secure cloud service provider responsible for managing the physical security of hard and networking. This assurance instills confidence in our customers, knowing that their information is safeguarded and their Tahua system is fortified against potential threats.

Your data is of the highest importance to us

Secure the Parts

Secure Data Location

Tahua understands that data sovereignty and jurisdictional requirements often need certain regional hosting requirements. That is why we offer secure hosting in APAC and Europe. If you have unique hosting requirements feel free to discuss with us to see how we can help.

Application Security Processes

Tahua aligns its internal application security processes with best practices through the use of peer reviewed code reviews as well as automatic static analysis of code changes using a well established security scanner Brakeman.

Additionally Tahua runs automatic scans on dependencies for known vulnerabilities using Github Dependabot and patched in an acceptable timeframes inline with the severity of the vulnerability.

Network Security

All Tahua platforms are virtually isolated within an Amazon Virtual Private Network ( VPC ). Public traffic is limited to web traffic only with the remaining services contained with private subnets and locked down using Security Groups. Resource access is managed through stringent IAM polices employing access of least privilege.

Data Encryption

All Tahua Data is encrypted in transit via TLS 1.2+, databases, file systems and automated backups are encrypted at REST using industry standard AES-256 encryption. Application encryption keys are stored via Amazon Key Management System ( KMS ) and accessed using access of less privilege.

User Security

Tahua helps to keep all of our end users safe through the use of credential technologies such as SAML 2.0 Single Sign-On ( SSO ) and Multi-Factor Authentication. Passwords policies are set to industry standard by default with the ability configure these even higher depending on the security requirements of your organisation. Brute force attacks are mitigated through automatic failed attempt lock out, “smart” password recommendations and short lived sessions.

Operations Security

Our internal staff take the utmost care with your data by way of tightly controlled administrative access to your platforms and implementation of access of least privilege through tightly controlled IAM policies. Consent is obtained before data is accessed and audit data is logged to give a clear paper trail of events if needed. 

Tahua maintains Business Continuity and Disaster Recovery Plans ( BCP & DR ) with annual review and simulation to be prepared for an unlikely disaster or widespread outage event. 

Want to know more or report an incident?

We have an open door policy when it comes fro Security, if you have more specific questions or would like to report an incident, feel free contact us here.