Not only do we build world-class features, but we are also SOC 2, Type‑2 compliant. We built our platform with a laser focus on enterprise-grade reliability, security, and data protection for our customers.
At Terret, security is core to our business and product. It is a fundamental part of our platform and is essential to our business. As a Revenue Operations & Intelligence platform, we analyze and process sensitive data — revenue, call, and activity — for our customers.
Our customers and partners trust us with their sensitive data, and we shoulder the responsibility to ensure appropriately managed security, confidentiality, and integrity of that data. We pride ourselves on our commitment to having the most robust security practices and safeguards implemented across the entire application stack and being proactive and responsive to our customers’ data security.
Terret is hosted entirely on Amazon Web Services (AWS), providing end-to-end security and privacy features built-in. Our team takes additional proactive measures to ensure a secure infrastructure environment.
We have been SOC 2 Type 2 compliant since 2020. We do a comprehensive annual retest of all our security and privacy controls, plus an annual application and infrastructure penetration test. Reports available upon request.
Ongoing internal network security audits and scanning give us an overview for quickly identifying impacted systems. Operating systems, software, frameworks, and libraries are regularly updated. High or critical vulnerabilities trigger prompt hotfixes and patches.
With Terret, we are committed to providing the highest security measures to ensure your data remains safe while giving you the control you need.
Selectively allow or deny field access for your organization. Easily set custom expiration dates for any data fields to further protect your data.
Quickly audit our security log at any time and in real-time. This level of detail puts you in full control of your own data.
Manage consent and access to applications at the user level. Alternatively, centralize the decision-making process with your security administrator team.
All infrastructure is hosted on AWS. Our team takes additional proactive measures beyond AWS defaults to keep data isolated and resilient.
Login is supported only via Single Sign-On (SSO) for Google Apps and Office 365. Terret never stores user passwords in our database.
Users can only access functions, data files, and resources for which they have specific authorization. Security groups restrict access to minimum required levels across all servers.
AES-256 encryption validated against FIPS 140-2. TLS is used for all connections. All sensitive data is encrypted at rest and in transit across all networks.
All SQL queries, HQL, OSQL, NOSQL and stored procedures are protected against SQL injection. Terret has security controls to prevent LDAP injection, OS command injection, Remote File Inclusion, XML attacks, and DOM Cross-Site Scripting (XSS) attacks.
Terret proactively monitors our infrastructure to identify any vulnerabilities and continuously works with security researchers to verify and address any issues. Refer to our Vulnerability Disclosure Policy for more details.
