Security at Talentei
Talentei is committed to the security of our platform and your use of it – including the data you entrust to us by using it. That includes providing transparency about the security and privacy practices summarized below. For more information about the policies and procedures that guide our security operations, please contact your account manager.
Organizational Security
Talentei maintains an information security program, dedicated to ensuring the security of our organization and technology platform and the privacy of the data that is entrusted to us. Key aspects of our information security program are described below, and our information security professionals are available to assist clients who require additional information. Our Service Organization Control II (SOC 2) Compliance report is available upon request.
Security and Privacy Training
The foundation of our security program begins with specialized security awareness and privacy training for all staff, as well as rigorous policy around the management and use of our information systems to ensure a secure environment and workforce. Regularly recurring training and awareness content and exercises promote a security-conscious staff that is our front-line of defense.
Protecting Client and User Data
All client data in our platform and information systems are treated as confidential, and is subject to our internal data handling policies, with access limited on a need-to-know basis. Personal information is subject to our internal and external privacy policies, as well as the standard confidentiality clauses of our commercial agreements, and Data Protection Addendum’s (DPA) are available as needed.
Network Security
Talentei applications and internal systems reside on actively managed and highly secured networks, configured and monitored to prevent intrusion and promote uptime and availability of our services. Using industry standard network architecture to manage access and segment traffic and services, secure networks form the backbone of our information systems and application platform.
Encryption
We utilize high-strength encryption protocols to secure data, both in-transit and at-rest, and hold our service providers to the same standard, to ensure that the data we store and process is secure from start to finish.
Authentication
The Talentei platform enforces string password requirements that can be configured specifically to client needs, and employs multi-factor authentication to provide rigorous account security. Our platform also supports single sign-on (SSO) standards to streamline access and support enterprise authentication schemes.
Our internal systems and policies provide similar authentication standards to manage access to all sensitive client and company information.
Access Control
Talentei utilizes role-based access control (RBAC) to ensure that all areas of our platform, internal systems, and data storage are secured against unauthorized access and managed using industry best practices and the principle of least-privilege. Our access control procedures ensure that access is granted and revoked appropriately and reviewed for accuracy regularly.
System Monitoring, Logging, and Alerting
The Talentei platform and all our critical systems utilize tools and documented procedures for monitoring system health and function as well as unauthorized access or anomalous events. System activities are logged and undergo both automated and manual audit review, with alerting mechanism in place to ensure our security and technology operations teams can respond immediately to incidents or concerns.
Security Incident Management
Our security personnel implement a documented incident response process, including data breach management, in accordance with our privacy policy and applicable laws and regulations. Our incident management procedures ensure that security events are analyzed, classified, responded to and resolved in a timely manner, with safety, security and privacy as our utmost concerns.
Disaster Recovery and Business Continuity
The Talentei platform leverages the cloud-based scale and geographical redundancy of our service providers to deliver failsafe resiliency throughout our applications. Our documented approach to Business Continuity and Disaster Recovery planning ensures that we are prepared for any contingencies and can respond quickly to issues to maximize uptime and reliability for our clients. System configuration and data backups are stored securely and tested regularly to ensure that we are always ready when disaster strikes.
Service providers
Talentei utilizes third-party service providers (also know as sub-processors) to help us host and deliver our applications and services. These third parties are evaluated regularly for their capabilities and compliance with our security requirements, as well as compliance to relevant laws and regulations. Our list of sub-processors is available here and updated regularly.
Legal compliance
We regularly engage legal counsel specialized in cybersecurity and privacy law to help ensure that we are always informed on data protection regulations in all the jurisdictions we operate in.
Notification and Reporting
To notify us about any concerns related to the security of our offering, the privacy of your data, or unethical behavior related to the use of our services, please email us at notify@talentei.com or call us at (844) 802-5103