BetterCloud governance security measures
ANNEX II – TECHNICAL AND ORGANISATIONAL MEASURES INCLUDING TECHNICAL AND ORGANISATIONAL MEASURES TO ENSURE THE SECURITY OF DATA RELATED TO THE BETTERCLOUD GOVERNANCE FEATURES
For purposes of this Annex II, Tricent Security Group A/S will be referred to as “Tricent”.
Access Control
- The Tricent for Google Workspace service is hosted on Google Cloud Platform (GCP), and the Tricent for Microsoft 365 service is hosted on Microsoft Azure (Azure). Tricent maintains contractual relationships with vendors in order to provide the Services in accordance with our Data Processing Agreement. Tricent relies on contractual agreements, privacy policies, and vendor compliance programs in order to protect data processed or stored by these vendors.
- Under the GCP and Azure shared responsibility model, the physical and environmental security controls are maintained by Google and Microsoft and audited for SOC 2 Type I and ISO 27001, 27017, 17018 compliance, among other certifications, by an AICPA Accredited third-party public trust audit firm.
- Tricent enforces a uniform password policy for its technology infrastructure components. Customers who interact with the Tricent user and administrative interfaces must authenticate via Google SSO or Okta single sign-on identity provider and associated strong identity policies.
- Customer data is stored in multi-tenant storage systems accessible to Tricent’s customers only via application user and admin interfaces and application programming interfaces. Customers are not allowed direct access to the underlying application infrastructure. The authorization model in each of Tricent’s products uses role-based access control to ensure that only appropriate individuals can access relevant resources. A systems administrator approves internal user access to the infrastructure provider for authorized personnel. Access approvals and modifications to the user access list are logged.
- A subset of Tricent’s employees have access to the products and to customer data via controlled interfaces. The intent of providing access to a subset of employees is to provide effective customer support, to troubleshoot potential problems, to detect and respond to security incidents and implement data security. All such requests are logged. Tricent employees are granted access by role, and reviews of high-risk privilege grants are initiated regularly. System owners conduct quarterly user access reviews of production servers, databases, and applications to validate internal user access is commensurate with job responsibilities. Identified access changes are tracked to remediation.
- Background checks are performed on new Tricent hires before the new hire’s start date as permitted by local laws. Tricent reviews the results and takes any appropriate action deemed necessary. Tricent has an established code of conduct outlining ethical expectations, behavior standards, and ramifications of non-compliance, and requires internal personnel to acknowledge it.
Transmission Control
- In-transit: Tricent uses Transport Layer Security version 1.2 or better paired with appropriately selected cipher suites on every one of its login interfaces and API endpoints. Tricent’s HTTPS implementation uses industry-standard algorithms and certificates, specifically 256-bit AES encryption in Galois/Counter Mode, aka AES-256-GCM.
- At-rest: Tricent stores user passwords following policies that support industry-standard practices for security. For example, passwords are stored as non-reversible hashes using a properly selected password-hashing function.
- All customer data is encrypted at rest using Tricent’s privately generated and controlled data encryption keys – it is not technically possible for subprocessors to decrypt customer data.
Input Control
- IP Filtering (Internet Protocol version 4) configurations ensure available networking ports and protocols are restricted to approved business rules. Web application firewalls ensure only appropriate messages are reviewed by our web-facing API interfaces. Distributed Denial of Service controls protect Tricent’s applications from attacks at OSI layers 3, 4 and 7. Tricent’s DDoS provider also protects Tricent from common layer 7 attacks and removes traffic from known bad actors.
- To maintain separation of duties, one engineer plans and prepares a change request, and then a second individual engineer reviews, tests, and approves configuration changes before the changes are deployed into production. Tricent has developed policies and procedures governing the system development life cycle, including documented policies for tracking, testing, approving, and validating changes.
- Tricent engages a qualified third-party penetration testing vendor to conduct a network and application penetration test of the production environment at least annually. The intent of the penetration tests is to identify and resolve foreseeable attack vectors and potential abuse scenarios.
- Tricent’s infrastructure is configured to log information about system behavior, traffic, system authentication, and other application requests. System tools monitor company load balancers and notify appropriate personnel of any events or outages based on predetermined criteria. Any identified issues are tracked through resolution in accordance with Tricent’s Incident Management Policy.
- Tricent maintains a record of known security incidents that includes description, dates and times of relevant activities, and incident disposition. Suspected and confirmed security incidents are investigated by security, operations, or support personnel, and appropriate resolution steps are identified and documented. For any confirmed incidents, Tricent will take appropriate steps to minimize product and Customer damage or unauthorized disclosure.
- If Tricent becomes aware of unlawful access to non-Tricent data stored within its Services, Tricent will: 1) notify the affected customers of the incident; 2) provide a description of the steps Tricent is taking to resolve the incident; and 3) provide status updates to the customer contact, as Tricent deems necessary. Notification(s) of incidents, if any, will be delivered to one or more of the customer’s contacts in a form Tricent selects, which may include via email or telephone.
Availability Control
- Tricent maintains a vulnerability management program to detect and remediate system vulnerabilities. Vulnerability scans are executed daily on production systems. Any critical or high-risk vulnerabilities are tracked through resolution.
- Infrastructure availability: Tricent’s Cloud Service Provider’s infrastructure services use commercially reasonable efforts to ensure a minimum of 99.9% uptime. The providers maintain a minimum of N+1 redundancy to power, network, and HVAC services.
- Fault tolerance: Backup and replication strategies are designed to ensure redundancy and fail-over protections during a significant processing failure. Customer data is backed up to offsite data centers.
- Online replicas and backups: Tricent’s databases are designed to replicate data between no less than 1 primary and 1 secondary database. Database replicas are hosted in separate availability zones.
- Availability zones have their own separate redundant infrastructure services. All databases are backed up and maintained using at least industry-standard methods.
- Tricent’s products are designed to ensure redundancy and seamless failover. The server instances that support the products are also architected with a goal to prevent single points of failure. This design assists Tricent’s operations in maintaining and updating the product applications and backend while limiting downtime.