Tesorio Security Overview

Tesorio takes security very seriously to ensure that your information is protected at all times. If you have specific questions, you may contact us directly at: contact@tesorio.com

 

Infrastructure Security

  • Our data centers are hosted on Amazon Web Services (AWS) which are accredited under ISO 27001, SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II), PCI Level 1, FISMA Moderate, and Sarbanes-Oxley (SOX).
  • Our database is encrypted at rest using industry-grade AES-256, block-level storage encryption.
  • Sensitive fields (such as Tax ID No.) are encrypted in the database using a  Symmetric-key Algorithm.
  • Continuous Protection  ensures that we keep our data safe from any database failures.
  • All communication is encrypted via 2048-bit SSL.
  • To securely transfer files, Tesorio uses SFTP or FTPS servers.

 

Account Security

  • All login attempts are logged and monitored.
  • After 4 failed login attempts, a user is locked out until we verify if there was malicious intent.
  • Tesorio routinely checks and gets alerted for malicious & suspicious activity.
  • Registered suppliers go through email verification and account-level verification. We also require sophisticated passwords to enhance account security.
  • Tesorio uses the PBKDF2 algorithm with a SHA256 hash, a password stretching mechanism recommended by  NIST  (National Institute of Standards and Technology). All passwords are hashed and salted with 10,000+ iterations for complete security.

 

NetSuite Security

    • Tesorio is BFN (“Built for NetSuite”) Certified. See  SuiteApp listing.
    • BFN certification entails a full technical and security audit by Netsuite, which confirms that Tesorio “meet[s] the same level of standards for security, data privacy and overall quality as the solutions offered by NetSuite.” See  BFN Overview.

 

 

 

Further Information

Tesorio’s data centers are hosted on Amazon Web Services through Heroku’s platform. For further information on their security standards, see links below.