TWO EASY WAYS TO GET IT DONE.
Security & Reliability
Tadabase protects your data with advanced security features and strictest policy guidelines that meet even the most rigorous enterprise specifications.
Get Started
Platform Infrastructure
Our core commitment is to the security and integrity of your data. It’s no surprise, therefore, that we chose Amazon Web Services, the world’s leading cloud service platform, to host our infrastructure.
Physical Security
Tadabase data is hosted in AWS data centers that have been certified as ISO 27001, PCI/DSS Service Provider Level 1, and/or SOC II compliance.
AWS data centers are secured by global AWS Security Operation Centers and advanced physical security measures which you can read more about here.
Network Security
Our network security architecture consists of multiple security zones to protect against unauthorized access at all times.
We use Sqreen, a third party network security solution, to monitor and protect our infrastructure from automated scanners, bots, and targeted attacks. It blocks attacks and alerts in case of critical threats. It also brings additional features like IP blocking and firewalls that monitor and control incoming and outgoing network traffic.
Application Security
Tadabase uses AWS Web Application Firewall to integrate advanced protections within our applications and protect our users from data breaches. It integrates protections against the most critical attack categories, such as SQL injections and cross-site scripting, and adds security headers to our applications.
Availability and Continuity
Encryption
Encryption in Transit
All data sent to or from our infrastructure is encrypted in transit via industry best practices using Transport Layer Security (TLS).
Encryption at Rest
All our user data (including passwords) is encrypted using battled-proofed encryption algorithms in the database.
Gov.-Grade Encryption
We use SHA-256 and AES-256 encryption, the strongest encryption available used by governments, banks, and federal-level agencies around the world.
Product Security Features
IP Whitelisting
With this feature you can enable IP address whitelisting within your app settings to ensure that your apps are only accessible by networks you’ve authorized.
Granular Page Controls
Assign roles for each of your users and define the data access permissions each role has. Restrict access to pages and parts of pages of your app to specific users who you deem relevant and authorized to view those pages or sections.
We recommend following the least-privilege approach with which you enable necessary pages vs blocking restricted pages. To learn more about maximizing user roles and permissions please contact support@tadabase.io
Record-level Security
Create connections between users and records to ensure that logged-in users can only access records that are connected to them.
Password Protection
Define custom password policies for each user and for each application, ensuring that users meet the password requirements you determine to be appropriate for specific apps and users.
Password Encryption
All user passwords are encrypted and hashed.
API Keys
Secure your app with advanced permissions for your API keys such as enabling or disabling access to delete, edit, or get records. You can also enable or disable any API keys as needed.
Data Encryption
All data is encrypted and secured with SSL.
Page time-out settings
Tadabase customers can create custom time-out settings to ensure that devices left unattended for a specified amount of time to require re-logging in for continued access.
Login Logs
Track all successful and failed logins to your application.
Block Failed Login Attempts
Enable custom settings to block an ip or user after x number of logins within x minutes.
2 Factor Authentication
Require 2 Factor Authentication for your users to login into your app.
Singe Sign On (SSO)
Use Single Sign On to require your users to login using a specified vendor such as Google
Whitelisted Email Domains
Add whitelisting to only allow signing up from white-listed domains.
Email Logs
Track and monitor all emails sent from your app.
Builder Logs
Track and monitor all changes made to your app from within the builder.
Delete Logs
See and track all deleted records from within your app.
Record Change Logs
View all changes made in your app with additional meta data such as location, IP address and other browser and user details.
Policies Standards
Explore our robust privacy policies, data ownership guidelines, access controls, and employee protocols that uphold our commitment to security and compliance.
Privacy Policy
Rest easy knowing your data is safe with automatic periodic backups of all applications. Enjoy the flexibility to restore data anytime, with additional manual backup and restore options available for Enterprise plans.
Data Ownership
Any data you store on Tadabase is owned by you and Tadabase claims no ownership on your data.
Data Access
Work in different environments to ensure updates don’t jeopardize the production app and expected user experience.
Employee Policies
As part of our SOC 2 readiness for compliance, we have implemented best practices for employee onboarding and offboarding according to SOC standards and we conduct.
Development Policies
Tadabase engineers conduct development and testing on a development platform completely separate from any live data. Bugs, errors, development kinks, etc. are fully tested.
99.99% Uptime
Tadabase is committed to maximizing your productivity with an impressive 99.99% uptime. Our reliable platform ensures that your applications are always available, minimizing disruptions and optimizing performance. Trust us to keep your operations running smoothly around the clock.
All systems operational
Compliance
AWS Compliance
Amazon is continuously audited by 3rd party compliance controls and holds compliance certifications from the strictest compliance programs including SOC 3 and ISO 27001. Learn more about AWS compliance here.
SOC 2
Tadabase is SOC 2 compliant, certifying adherence to industry best practices for security, availability, and confidentiality as evaluated by an independent third-party auditing program. This standard is essential for cloud security control. For more information on our commitment to robust security measures, please contact us at Security@tadabase.io.
HIPAA
Tadabase offers HIPAA compliant editions of our platform which will include field level encryption, password policies, and BAA agreements. Please contact us for more details at Security@tadabase.io.
DMCA
Tadabase maintains a publicly available Privacy Policy which outlines our corporate policies on how we keep your data private and secure.Tadabase respects intellectual property rights and publishes its Digital Millennium Copyright Act (DMCA) Copyright Policy.
Penetration Testing
Tadabase performs annual PenTesting on all production environments being utilized for storing and processing your data.
GDPR
Tadabase is GDPR ready. The purpose of GDPR is to protect the private information of EU citizens and give them more control over their personal data. Please contact us at Security@tadabase.io for more information on our GDPR readiness and future compliance. Tadabase has an available Data Processing Addendum for paid plans that can extend the terms of service to reflect the processing of personal data. Please contact Security@tadabase.io for more details on getting the DPA.
Privacy Policy
Tadabase maintains a publicly available Privacy Policy which outlines our corporate policies on how we keep your data private and secure.