Security & Compliance
Empower Makers across your organization with the governance to instill confidence that your sensitive data and critical systems are being protected.
Data encrypted in-transit and at rest
All connections with Tonkean are encrypted using industry standard HTTPS/TLS protocols with all data fully encrypted following AES-256 standards while at rest or in-transit.
Item-level data retention policies
Define specific data retention lengths down to the field level to ensure sensitive data is only available as long as needed for each process.
Granular access controls at all levels
Tonkean is architected and engineered with in-built security. Comprehensive role-based access control (RBAC) ensures that every permission from data access through process creation are properly secured and controlled.
Full audit log of transactions
Tonkean maintains non-repudiation logs capturing full records of all edits to Solutions and Enterprise Components in development and all processed transactions within test and production environments.
Secure & Flexible Deployment Options
Tonkean can be deployed on the any of the three major cloud providers including AWS, Microsoft Azure (Private Cloud only), and GCP (Private Cloud only). All deployments have a hardened operating systems installation, firewall protection, and regular system patching process.
Public Cloud
Tonkean’s public servers are stored on AWS in a multi-tenant environment. The public cloud environment will be managed by Tonkean.
- Standard
Dedicated Cloud
A single-tenant cloud environment not shared with other customers. The dedicated instance will be managed by Tonkean and is hosted on AWS.
- Enterprise
Private Cloud
Have Tonkean installed on your organization’s private cloud environment. This cloud environment will be privately managed by your internal IT team. For private cloud, Tonkean can be hosted on AWS, Azure, and GCP.
- Enterprise
Enterprise-grade compliance
GDPR Ready
Tonkean adheres to the General Data Protection Regulation (GDPR). We’re here to help our customers in their efforts to comply with GDPR.
Learn more at our Terms of Service page.
SOC 2 Type 2
Tonkean is SOC 2 Type 2 compliant and independently audited for our commitment to meeting the most rigorous security, availability, and confidentiality standards in the industry in accordance with the AICPA Trust Services Principles and Criteria.
Have other questions?
If you have a security question, please contact our support team at support@tonkean.com.