Privacy and Security at Tenon.io

Security

The information below is intentionally light on detail, as we do not want to expose certain information publicly. We are willing to share additional details with customers and potential customers under an NDA. Contact us if you need more information.

Tenon takes security extremely seriously and regularly researches ways to improve the security of our systems. Below is a list of steps we have taken to secure not only our main SaaS instance but also the instances deployed for our Enterprise customers:

  1. Tenon runs a microservice architecture, with a main PHP web server and a number of Node microservices. Each service uses firewall rules that prevent it from responding to any request that does not originate from the web server.
  2. All communication between the various services is handled over TLS 1.2.
  3. All communication between the outside world and Tenon is handled over TLS 1.2.
  4. The "root" user has been disabled on all systems.
  5. All passwords are hashed with bcrypt, a one-way password-hashing algorithm; they are never stored in a recoverable (encrypted) form.
  6. Tenon uses Cloudflare as a WAF. Services have host firewalls as well, and we monitor all our servers for malicious traffic. Certain types of traffic are automatically banned at the firewall.
  7. All input from the outside world is filtered, validated, and escaped before it is accepted for processing.
  8. Tenon uses a number of third-party systems for logging and for monitoring system performance. Enterprise customers have the ability to turn all such services off.
  9. Private Cloud customers can optionally configure the application firewall to allow only their own IP addresses to access the instance.
  10. We have automated scans of Tenon using Detectify scheduled to occur on a regular and ongoing basis.
  11. We periodically scan the system using OWASP ZAP in ATTACK mode.
  12. We use unattended upgrades, managed via Ansible, to keep system software up to date with fixes.

Abuse

Every single request against this system is tracked in order to protect and defend against abuse. Any abusive behavior will cause an immediate and irreversible revocation of your privileges to use this system. For some types of abuse this will happen at the very first sign of abuse, with no warning whatsoever.

IPv6 compliance

Tenon.io's SaaS offering and Private Cloud offering both use Amazon AWS. AWS supports IPv6 addressing, but we are unsure of the current status of some Amazon resources. As of August 2020, Amazon RDS (our database server) and S3 would use IPv6 addressing but would load from IPv4 services. Amazon recently announced full support for IPv6, but we need to do more research on the aforementioned limitations before making any claims of compliance on our end.

Privacy

Tenon takes privacy and security of customer data very seriously. We also take transparency very seriously. The following document discusses our approaches to Privacy and Security.

For any questions regarding our privacy practices, email privacy@tenon.io.

Third-Parties

Tenon makes use of the following third-party services for some of our functionality and/or customer service activities.

  • Payment processing via Stripe
  • Customer Relationship Management via Hubspot
  • Mailing List messaging by MailChimp

Tenon also makes use of a handful of services for tracking of analytics data relating to product performance as well as for sales and marketing conversion tracking:

  • Google Analytics
  • LinkedIn
  • Twitter
  • Facebook

These services may use cookies or beacons for tracking purposes.

Tenon Itself

General

Tenon complies with EU rules requiring that EU citizens be able to completely delete all of their information from our systems. To have your account deleted, log in to your profile and activate the button labelled "Delete your account". Please note: in accordance with GDPR, this is a complete deletion of your account and every bit of data associated with it.

  • At no time do we store any credit card data on our servers.
  • All passwords stored in our database are hashed with a one-way hash. Our forgotten password process is actually a reset process. Not even Tenon.io staff can see your password in plaintext.
  • We routinely test our system for common security vulnerabilities such as SQL Injection, XSS, CSRF, and more using Detectify and Snyk. You can contact us for additional information about our security and privacy practices.

Mailing Lists

  • When you sign up for an account on Tenon.io, persons located within the United States are automatically subscribed to our mailing list. If you wish to unsubscribe, you can do so at any time by visiting our Unsubscribe page.
  • All messages from all lists will have an unsubscribe link somewhere within the message.
  • We have two primary lists: our general marketing mailing list and a list for system updates. You can also stop system update emails at the Unsubscribe page. We heartily recommend that you do not unsubscribe from that list, because it receives no marketing and is reserved solely for important messages about Tenon.io system status.
  • We reserve the right to send you messages about your account, such as billing or confirmation messages, even if you've unsubscribed from other notices.

Cookies

We set cookies for the following reasons on tenon.io:

  • Whenever someone uses the public demo
  • Whenever someone lands on a landing page from a CPC ad, email newsletter, or other digital marketing asset.
  • Whenever a registered user logs into the Tenon.io website

Use of any web system under the tenon.io domain is implicit consent to accept cookies. We may, in the future, elect to add third-party cookies directly related to our service and/or the marketing of our service. No third-party cookies or beacons will ever be set relating to the marketing of any other product, service, or website.

Public Demo

  • The public demo page stores all results temporarily as described below.
  • The public demo also stores the requesting computer's IP address and sets a cookie.
  • We do not have any display ads or any other code which would use a beacon or set a third-party cookie.

Storage of test data

  • We temporarily store every result of every test run by the Tenon API. The length of time this is stored depends largely upon server demand but is anticipated to be less than a few minutes.
  • We permanently store your test results if you specifically set the 'store' parameter to '1'.
  • In both of the above cases, the information stored is the verbatim copy of the JSON response, stored as a string.
  • If you set the 'store' parameter to '1' and your API request is for testing of document source (via the 'src' request parameter) we store the source that you sent us.
  • If you set the 'store' parameter to '1' and your API request calls for testing of an URL, we store the source of the entire document and all assets associated with it.
  • We calculate statistics for a wide array of things such as document size, number of errors, and types of errors and we store this information permanently. Some of this information is associated with your account, for the purposes of presenting this useful information to you.
  • We store messages sent to us by our payment processor that relate to your account. At no time does this contain any PII or credit card data. Instead, our processor sends us unique IDs which can be referenced later so that we can manage your account without requiring direct access to your information.

Your role in responsible handling of PII

The Tenon API will perform accessibility testing of any HTML source or URL it is sent and has no way of detecting or avoiding PII. If you send URLs or source payloads that include PII or other sensitive data, portions of that information may be stored by Tenon. Tenon's API grabs snippets of code when cataloguing the issues it finds; if those snippets contain PII, the PII becomes part of the stored snippets. These risks can be mitigated by doing one or more of the following:

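One precaution the caller can take on their own side, given the storage behaviour described above, is to scrub obvious PII from the HTML before submitting it. The following is an added example, not Tenon's code and not one of the page's own recommendations: it redacts e-mail addresses, phone-like digit runs, and the values of user-entry and hidden form fields, then places the result in the 'src' parameter alongside 'store' (both parameter names are from the page; any authentication parameters are omitted, and the sample HTML and the regular expressions are constructed for the demo). Note that this only works on the 'src' path: when a URL is submitted, Tenon fetches the document itself and nothing is scrubbed.

```javascript
// Added example, not Tenon's code. Best-effort redaction of PII from an HTML
// payload before it goes into the 'src' parameter. Because results are kept at
// least temporarily whatever 'store' is set to, redaction is applied regardless.
// Patterns and sample markup are constructed for the demo and are deliberately
// coarse (the phone pattern also catches dates and long numeric IDs).

const EMAIL_RE = /[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}/gi;
const PHONE_RE = /\+?\d[\d\s().-]{6,}\d/g;

// Input types whose value attribute is user data (or a secret, for hidden).
// Buttons, submits, checkboxes and radios keep their value: for a submit
// button the value IS the accessible name, and blanking it would manufacture
// accessibility errors in the report.
const REDACT_INPUT_TYPES = new Set(['text', 'email', 'tel', 'password', 'search', 'hidden', 'number', 'url']);

function redactInputs(html) {
  return html.replace(/<input\b[^>]*>/gi, (tag) => {
    const typeMatch = /\stype\s*=\s*["']?([\w-]+)/i.exec(tag);
    const type = typeMatch ? typeMatch[1].toLowerCase() : 'text'; // missing type means text
    if (!REDACT_INPUT_TYPES.has(type)) return tag;
    return tag.replace(/\svalue\s*=\s*("[^"]*"|'[^']*'|[^\s>]+)/i, ' value="[redacted]"');
  });
}

function redactTextareas(html) {
  return html.replace(/(<textarea\b[^>]*>)([\s\S]*?)(<\/textarea>)/gi,
    (m, open, body, close) => (body.trim() ? `${open}[redacted]${close}` : m));
}

// Structure-preserving: tags, ids and labels are untouched so the
// accessibility checks see the same DOM; only the sensitive values change.
function redactPii(html) {
  let out = redactInputs(html);
  out = redactTextareas(out);
  out = out.replace(EMAIL_RE, '[email redacted]');
  out = out.replace(PHONE_RE, '[phone redacted]');
  return out;
}

// Form body for a 'src' submission. 'src' and 'store' are the parameter names
// the page describes; authentication parameters are intentionally left out.
function buildTenonRequest(html, store) {
  const params = new URLSearchParams();
  params.set('src', redactPii(html));
  params.set('store', store ? '1' : '0');
  return params;
}

// Constructed sample: a rendered account form as it might be captured after login.
const SAMPLE_HTML = `<form action="/account">
  <label for="em">Email</label>
  <input id="em" type="email" value="jane.doe@example.com">
  <input type="hidden" name="csrf" value="a1b2c3d4e5">
  <label for="ph">Phone</label>
  <input id="ph" type="tel" value="+1 (555) 010-2345">
  <textarea id="notes">Call Jane at 555-010-2345</textarea>
  <input type="submit" value="Save">
  <p>Contact: jane.doe@example.com</p>
</form>`;

module.exports = { redactPii, buildTenonRequest, SAMPLE_HTML };
```

Regular expressions over HTML are a coarse filter, not a guarantee: anything the patterns miss (names, addresses, free text) still ends up in the stored snippets, so for pages that render personal data the safer course is to test a version of the page populated with dummy data.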