Ensuring customer information is always secure at any moment, during transit, and at rest.
Minimizing any security risks through continuous penetration, vulnerability, and risk assessments.
Ruthless implementation of security practices based on industry guidelines for cloud security.
We enable permission levels within the app to be set for your teammates.
Authenticate teammates and users without requiring them to enter additional login credentials.
A password complexity standard and credentials are stored using a PBKDF function (bcrypt).
Annual penetration test through third-party firms to investigate any missing vulnerabilities.
A generous bug bounty program to reward security researchers for reporting valid vulnerabilities.
Tribe monitors the service availability 24/7. Upgraded SLA notifies the client directly at the time of any incident.
Our data centers are SSAE16/ISAE 3204 Type II (SOC1 or SOC2) compliant. We follow strict protocols for security, availability, integrity, and confidentiality of data.
Tribe processes data in compliance with the EU's General Data Protection Regulation (GDPR). You can more about GDPR commitment here.
We are bound by the Canadian privacy and information law known as PIPEDA (The Personal Information Protection and Electronic Documents Act).
Our DPA includes EU Standard Contractual Clauses (SCCs) to enable our European clients to comply with GDPR.
Tribe conducts annual security vulnerability and penetration testing using independent third-party auditors.
Tribe audits and logs users activity. This allows our customers to monitor the actions taken by their admins and moderators.
During transit, either externally or internally between Tribe services, data is encrypted using TLS 1.2 with AES 256 bit encryption to ensure data protection at all times. Tribe SSL certificates are issued through Let's Encrypt...
CORS (Cross-Origin Resource Sharing) is a mechanism by which data or any other resource of a site could be shared intentionally to a third party website when there is a need. Generally, access to resources that are residing in a third party site is...
From what I gather broadly you have the following features for GDPR: ✓ Cookie consent ✓ Ability to delete members (and associated data) ✓ Ability to export member-specific data ✓ Linking to the privacy policy Here is a detailed post on how to use each of these...
You can add extensions by going to Admin Panel > Settings > Security. To add an extension, you need to add the file type with a . before it. For example, to add pdf, you need to add .pdf and then add application/pdf...
