Security
We care about your data security as much as you do. From Tesorio’s back-end architecture to user logins, we go above and beyond industry standards to protect your sensitive information.
Infrastructure Security
- Our data centers are hosted on Amazon Web Services (AWS), which is accredited under ISO 27001, SOC 1 and SOC 2/SSAE 16/ISAE 3402 (previously SAS 70 Type II), PCI Level 1, FISMA Moderate, and Sarbanes-Oxley (SOX).
- Our database is encrypted at rest using industry-grade AES-256, block-level storage encryption.
- Sensitive fields (such as Tax ID No.) are encrypted in the database using a symmetric-key algorithm.
- Continuous Protection ensures that we keep our data safe from any database failures.
- All communication is encrypted via 2048-bit SSL.
- To securely transfer files, Tesorio uses SFTP or FTPS servers.
Account Security
- All login attempts are logged and monitored.
- After 4 failed login attempts, a user is locked out until we verify whether there was malicious intent.
- Single Sign-On (SSO) and two-factor authentication are available for enhanced authentication security.
- Tesorio routinely checks for, and is alerted to, malicious and suspicious activity.
- Registered suppliers go through email verification and account-level verification. We also require sophisticated passwords to enhance account security.
- Tesorio uses the PBKDF2 algorithm with a SHA256 hash, a password stretching mechanism recommended by NIST (National Institute of Standards and Technology). All passwords are hashed and salted with 10,000+ iterations for complete security.
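
The salted PBKDF2 scheme described in the last item, as an added illustration that is not Tesorio's code. The record format, function names and 16-byte salt are assumptions; the iteration count is the page's 10,000 figure, stored in each record so that it can be raised later.

```python
import base64
import hashlib
import hmac
import os

ALGORITHM = "pbkdf2_sha256"  # label chosen for this example
ITERATIONS = 10_000          # the minimum count stated on the page
SALT_BYTES = 16              # assumption: the page gives no salt size


def hash_password(password, iterations=ITERATIONS):
    """Return 'algorithm$iterations$salt$hash' using a fresh random salt."""
    salt = os.urandom(SALT_BYTES)
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join([ALGORITHM, str(iterations),
                     base64.b64encode(salt).decode("ascii"),
                     base64.b64encode(derived).decode("ascii")])


def verify_password(password, record):
    """Recompute the hash from the stored salt and count; compare in constant time."""
    try:
        algorithm, iterations, salt_b64, hash_b64 = record.split("$")
        count = int(iterations)
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(hash_b64, validate=True)
    except ValueError:  # wrong field count, bad integer or bad base64
        return False
    if algorithm != ALGORITHM or count < 1:
        return False
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, count)
    return hmac.compare_digest(derived, expected)


def needs_rehash(record, policy_iterations):
    """True when a record was stretched with fewer iterations than current policy."""
    try:
        return int(record.split("$")[1]) < policy_iterations
    except (IndexError, ValueError):
        return True  # malformed records should be replaced at next login


if __name__ == "__main__":
    rec = hash_password("correct horse battery staple")  # constructed sample input
    print(rec)
    print(verify_password("correct horse battery staple", rec))
```

Because the salt is random per record, two users with the same password get different stored values, and `needs_rehash` lets a login handler upgrade older records after the iteration policy increases.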
NetSuite Security
- Tesorio is BFN (“Built for NetSuite”) Certified. See SuiteApp listing.
- BFN certification entails a full technical and security audit by NetSuite, which confirms that Tesorio “meet[s] the same level of standards for security, data privacy and overall quality as the solutions offered by NetSuite.” See BFN Overview.