Tidal was founded by Information security experts and ethical hackers with over 35 years of industry and Big 4 experience. We have designed, implemented, and audited SOC2 Type II compliant software systems.
Tidal’s Security architecture is built on the following three pillars:
Tidal security architecture
A secure foundation
Infrastructure stands at the core of our technology operations, and as such, infrastructure security is the centerpiece of our overall security strategy.
Secure software is an ongoing process involving people and practices, where security is built in and software is developed with security in mind. We follow the GitOps principles to achieve just that.
Reporting a vulnerability? Visit our Responsible Disclosure page
A secure foundation
Cloud hosting and infrastructure security
Microsoft Azure Cloud
- Tidal Control is hosted on Microsoft Azure, which is ISO27001 and SOC2 Type II certified. For more information and audit reports visit the Microsoft Azure Compliance offerings website.
Infrastructure as Code.
- Our infrastructure is managed with Terraform, allowing us to automate the entire configuration process and leverage community expertise and best practices.
Periodic Threat Modelling.
- We perform periodic threat modelling to identify and validate relevant threat actor scenarios, to determine business impact and associated risks, and to implement mitigating measures proactively.
Third party management
- We keep a tight grip on data flows and access rights, and regularly review our vendor’s adherence to our security policies and standards.
Security at every stage of software development
- Users are authenticated with Keycloak, with SSO and MFA. We use Azure Key Vault to store Cryptographic keys, secrets and authentication credentials used by our cloud app and services.
- We apply the least privileges principle to our employees. Development and Production environments are segregated, and all user activity is logged and monitored.
Continuous Vulnerability Monitoring
- We monitor our environment continuously for vulnerabilities and errors associated with our code and code libraries, with tools such as Dependabot and Sentry.
Code Quality and Security
- Our development pipeline is protected with branch policies and mandatory code reviews. We use Dependabot to manage vulnerabilities associated with the (third party) code libraries we use in our product.
Protecting your data
Your data is safe and available with us
- We encrypt data at rest and in transit with strong encryption, and market-leading cryptographic configuration. Azure Key Vault safeguards cryptographic keys, secrets and authentication credentials.
- Tidal Control runs in multiple availability zones, with data and backups also being replicated across multiple zones within the EU. Backups are encrypted using AES 256-bit encryption.
- We’re a multi-tenant application hosted on Microsoft Azure. All customers receive their own platform tenant, where data is inaccessible to other tenants.
Want to learn more? We welcome any feedback, questions, and suggestions.
Contact us at firstname.lastname@example.org