🎉 We're hiring. Click here and see open positions.

Security at Timeular

Security is always top of mind at Timeular. That’s why we have put in place best practices, system design choices, and processes to ensure that Timeular is a resilient and reliable platform.

Timeular is hosted on the well known and well secured provider Amazon AWS in Frankfurt/Germany. Amazon AWS is ISO/IEC 27001:2013, 27017:2015, 27018:2019, ISO/IEC 9001:2015 und CSA STAR CCM v3.0.1 certified. Details can be found here.

Users data is encrypted in transit and at rest. In transit we use HTTPS using Transport Layer Security (TLS v1.2) protocols with minimum 128-bit keys and using SHA256 certificates. At rest we use AES-256 encryption. Backups are stored in encrypted AWS S3 buckets.

We regularly make use of vulnerability scanning and our engineers respond to issues raised.

Access to our infrastructure is protected by a Layer 7 firewall including rate limiting and automatic account lockout after several attempts. Users are enforced to pick a minimum password length to encourage more secure passwords.

We’re using a micro-service architecture. Authorization and authentication are checked on a micro-service level for granular security purposes. Our complete infrastructure runs on a protected Kubernetes cluster, whereby every service has at least 2 running instances for additional operational guarantee.

Our infrastructure is monitored automatically 24/7 and the monitoring service itself as well. Production alerts are automatically captured and escalated on a 24/7 escalation policy. Only employees with the necessary rights and roles have pre-authorised access to the underlying data. Access to such data uses strong password policies managed through a password manager complying with the most stringent industry standards for data confidentiality, integrity, and availability. Where appropriate access is coupled with two-factor authentication.

Timeular is fully GDPR compliant. Our privacy policy can be found here and our software agreement here. For a data processing agreement please reach out to us on support@timeular.com.