We take Data Security really seriously.
Secure Data Transmission
When you load a page in your browser, or upload something to TenantKnowledge, all that information is encrypted while it’s moving over the internet. We lock up your data with up to 256-bit TLS encryption, the strength of protection you get with online banking and shopping. We also support a wide variety of cyphers — another kind of code — for our communications, to ensure the highest level of encryption possible, based on your browser.
TenantKnowledge doesn’t store credit card numbers, ever. Credit card information is sent directly from the app or browser to our payments processor (Stripe), and Wave receives a secure token back. This token is a code that authorizes TenantKnowledge to complete the activity securely and efficiently, without storing or exposing your credit card information.
Secure data storage
Your data is stored on servers that have strict physical access protocols, meaning there are rules in place limiting access to only the people who need it to do their jobs. The facilities are controlled with 24/7 monitoring, and the technology is digitally protected.
TenantKnowledge uses many layers of security testing. We test our systems internally, but that’s not enough in our opinion. We also regularly bring in third-party security firms to perform vulnerability assessments and penetration tests against our systems. Sounds great? Still not enough for us. TenantKnowledge has a private bug bounty program through HackerOne. This means that we’ve got security researchers from all over the globe testing our app on an ongoing basis. It takes a lot of effort to keep things secure, and we’re happy to go the distance.
Passwords are encrypted when they’re collected, when they’re sent to our servers, and we never store them without encrypting them first. In fact, all communications between our apps and our servers are encrypted using Transport Layer Security (TLS) — the replacement for Secure Sockets Layer (SSL) — the highest level of security protocols available. Beyond that, we don’t store any sensitive information, such as credit card numbers, on the device ever.
We’ve built an internal risk system that uses a wide variety of tools and insights to protect you and your customers from fraud. We’ve integrated several third-party security and anti-fraud service providers to create a layered approach to risk detection, for the highest level of protection. And our team of risk analysts monitor high risk and out-of-pattern behaviour to keep our platform safe.