Security at GoalTeller
Security of customer data is a matter of serious concern for us at GoalTeller. We strive to adopt world-class practices for the secure handling of customer data and for the design of our hosting infrastructure.
Security At GoalTeller
GoalTeller was built keeping security as one of the main key points and we safeguard our customers’ data. Information security plays a role in every aspect of GoalTeller’s services. We strive to adopt world-class practices for the secure handling of customer data and for the design of our hosting infrastructure.
GoalTeller uses AWS infrastructure for different environments, which are clearly separated and are behind a Virtual Private Cloud (VPC). Automated infrastructure audits are in-place through certified tools (https://pingsafe.ai/),and alerts are raised when new vulnerabilities are discovered. Such alerts are classified rigorously and addressed within strict SLAs.
Data storage and security
Only engineers who require it for their jobs have access to the data infrastructure. Data is encrypted at rest using 256-bit encryption. We employ separation of environments and segregation of duties and have role-based access control on an authorized & need-to-use basis.
Ongoing security vigil
All major releases undergo thorough penetration testing by our external security partner, Appsecure (https://appsecure.security/). Designs, Code and our threat models are shared with the partner (under NDA) in order to detect and close vulnerabilities. The assessment includes OWASP top 10 vulnerabilities detection among others. All new code or changes to existing code are peer-reviewed.
Security is an ongoing endeavour and can never be fully considered “done”. We appreciate and welcome responsible efforts to detect vulnerabilities in our software. If you are aware of vulnerabilities or have any questions regarding our security policy, please reach out to us at email@example.com
Terms of Service