Last Updated: Oct 30, 2019
TelemetryTV’s information security policy is centered on protecting the confidentiality, integrity, and availability of customer’s data collected through the TelemetryTV application and through the TelemetryTV Application Programmers Interface (API). To achieve this goal TelemetryTV implements an in depth strategy organized into 10 control objectives:
- Maintain a secure network architecture to protect customer data.
Comprehensive steps are taken to ensure that our network infrastructure is secured and attack surfaces are limited.
- Ensure systems that store or process customer data are properly configured and adequately hardened.
Data storage is stored in secure facilities with proper access control.
- Protect customer data during transmission across the network and during storage
All data between users and TelemetryTV’s data centres is sent over SSL HTTPS encrypted connections.
- Develop and maintain secure systems.
Software that runs critical infrastructure is kept up to date on the latest security vulnerabilities.
- Develop and maintain secure applications.
TelemetryTV’s applications are tested for security compliance to ensure that security vulnerabilities are found and patched and steps are taken to minimize their occurrence.
- Use strong access control measures.
Access to customer data is limited to those requiring access with strong authentication procedures including 2FA when applicable.
- Restrict physical access to customer data.
Customer data is stored in secure data centres with limited physical access.
- Track and monitor all access to customer data.
Employee and contractor access to customer data is strictly monitored to ensure compliance.
- Regularly test security systems and processes.
TelemetryTV regularly monitors security to ensure systems are not vulnerable.
- Maintain security policies, procedures, guidelines and standards that address information security for all employees, contractors, and third parties.
TelemetryTV’s employees and contractors are bound to a comprehensive security policy that outlines standard operating procedures and outlines acceptable use of data.
Privacy and collection of Personally Identifiable Information (PII)