Privacy and Security at Tenon.io
The below information is purposefully low on details, as we do not want to expose certain information to the public. We are willing to share additional details with customers and potential customers under an NDA. Contact us if you need more information.
Tenon is extremely serious about security and regularly seek to research ways to improve upon our system's level of security. Below is a list of steps we have taken to ensure that not only our main SaaS instance is secure but also the instances deployed for our Enterprise customers:
- Tenon runs a microservice architecture, with a main PHP web server and a number of Node microservices. Each service uses firewall rules that prevent them from responding to any requests that don't originate from the Web server
- All communications between the various services are handled over TLS 1.2 encryption.
- All communications between the outside world and Tenon is handled over TLS 1.2 encryption.
- "Root" user has been disabled on all systems
- All passwords are encrypted using bCrypt, a one-way algorithm.
- Tenon leverages Cloudflare as a WAF. Services have firewalls as well and we monitor all our servers for malicious traffic. Certain types of traffic are automatically banned at the firewall.
- All input from the outside world is filtered/ validated/ and escaped prior to being accepted for processing
- Tenon uses a number of third-party systems for logging and monitoring for system performance. Enterprise customers have the ability to turn all such services off.
- Private Cloud customers can optionally configure the application firewall to only allow only their IP addresses to access the instance.
- We have automated scans of Tenon using Detectify scheduled to occur on a regular and ongoing basis.
- We periodically perform scans of the system using OWASP ZAP on ATTACK mode.
- We use unattended upgrades via Ansible to keep system software up to date with software fixes.
Every single request against this system is tracked in order to protect and defend against abuse. Any abusive behavior will cause an immediate and irreversible revocation of your privileges to use this system. For some types of abuse this will happen at the very first sign of abuse, with no warning whatsoever.
Tenon takes privacy and security of customer data very seriously. We also take transparency very seriously. The following document discusses our approaches to Privacy and Security.
For any questions regarding our privacy practices, email firstname.lastname@example.org.
No customer information will be shared with any third party except as needed to provide quality customer service. Tenon makes use of the following third party services for some of our functionality and/ or customer service activities.
- Payment processing via Stripe
- User support and drip marketing via Intercom.io
- Customer Relationship Management via Pipedrive
- Mailing List messaging by MailChimp
Tenon complies with EU rules requiring the ability for EU Citizens to completely delete all of their information from our systems. To have your account deleted, submit a support request and we will comply within one business day.
- At no time do we store any credit card data on our servers.
- All passwords stored in our database are hashed with a one-way hash. Our forgotten password process is actually a reset process. Not even Tenon.io staff can see your password in plaintext.
- We routinely test our system for common security vulnerabilities such as SQL Injection, XSS, CSRF, and more using Detectify. You can contact us for additional information about our security and privacy practices.
- When you sign up for an account on Tenon.io, you are not automatically subscribed to our mailing list. If you subscribe to the list and subsequently wish to unsubscribe, you can do so at any time by visiting our Unsubscribe page
- All messages from all lists will have an unsubscribe link somewhere within the message.
- We have two primary lists: our general marketing mailing list and a list for system updates. You can also stop system update emails at the Unsubscribe page. We heartily recommend you don't unsubscribe from that list, because that list receives no marketing and is solely reserved for important messages about Tenon.io system status
- We reserve the right to send you messages about your account, such as billing or confirmation messages, even if you've unsubscribed from other notices.
We set cookies for the following reasons on tenon.io:
- Whenever someone uses the public demo
- Whenever someone lands on a landing page from a CPC ad, email newsletter, or other digital marketing asset.
- Whenever a registered user logs into the Tenon.io website
Use of any web system under the tenon.io domain is implicit consent to accept cookies. We may, in the future, elect to add third party cookies directly related to our service and/ or the marketing of our service. No third party cookies or beacons will ever been set relating to marketing of any other product, service, or website.
- The public demo page stores all results temporarily as described below.
- The public demo also stores the requesting computer's IP address and sets a cookie.
- We do not have any display ads or any other code which would use a beacon or set a third-party cookie.
Storage of test data
- We temporarily store every result of every test run by the Tenon API. The length of time this is stored depends largely upon server demand but is anticipated to be less than a few minutes.
- We permanently store your test results if you specifically set the 'store' parameter to '1'
- In both of the above cases, the information stored is the verbatim copy of the JSON response, stored as a string.
- If your API request is for testing of document source (via the 'src' request parameter) we will temporarily store that document source for the purposes of testing. After testing is complete we delete the source.
- If your API request calls for testing of an URL, we do not store the source of that document in any way.
- We calculate statistics for a wide array of things such as document size, number of errors, and types of errors and we store this information permanently. Some of this information is associated with your account, for the purposes of presenting this useful information to you.
- We store messages sent to us by our payment processor that relate to your account. At no time does this contain any PII or credit card data. Instead, our processor sends us unique IDs which can be referenced later so that we can manage your account without requiring direct access to your information
We may, in the future, choose to store tested document source and/ or a snapshot image of the tested page. This would occur as part of future visualization features and would also be based on explicit permission from you.