Team-One Security Overview
Team-One offers a robust, secure framework for enterprise collaboration and information management. The platform is based on well-known cryptographic software technology that encrypts all data transmissions from end- to-end, both on the web and on our mobile platforms (iOS and Android).
Platform security is a top consideration in Team-One’s architecture. Our various measures to secure our clients’ data include:
- Email Verification: All Team-One users are required to have a valid email account which they have to authenticate upon initial sign-up.
- Password Strength: Team-One passwords require at least 8 characters, a mix of upper and lower case letters and the use of letters, numbers or symbols.
- Two-factor Authentication: Two-factor authentication is supported through Team-One’s Google authentication support.
- Secure Hosting: The Team-One platform and associated data are hosted on enterprise-grade servers which meet, or exceed, the most stringent standards for datacenter security, including SOC 1, SOC 2 and SSAE 16.
- Data Security:
- As of Q2 2017, Team-One encrypts data in transit and at rest using industry-standard strong cryptography.
- Data at rest is secured by 256-bit AES encryption.
In addition, Team-One offers robust administrative tools to ensure data access is restricted according to the organization’s data access policies. These tools include:
- Workspace Membership: Information within Team-One is shared within Workspaces that are only visible to invited Users.
- Editing Controls: users are unable to edit content created by others, unless explicitly authorized to do so by the original creator of the content, or by an Administrator.
- Content Deletion: Administrators are able to undelete information previously deleted by a User.
- Restricted Access for Guests: Guests are not permitted to create content outside the specific Workspace to which they are invited. A range of other security measures prevents Guests from accessing content not explicitly shared with them.
- User Roles: Administrators can assign different levels of individual user roles
The BroadSoft Business bSecure capability provides industry-leading security to our customers. It is our commitment to employ best practices in every phase of the business, from software design and development, through deployment and customer support, to ensure we offer carrier-class security and reliability in all our solutions.
The bSecure program is BroadSoft’s commitment to use secure business practices in every phase of the business, from software design and development practices, through deployment and customer support, to ensure that we offer carrier-class security and reliability in all our solutions.
Whether you want ease of set-up and management over your own security or experts to configure the system for you with the highest level of security, BroadSoft is the right choice for eliminating your security concerns by providing best-in-class:
- Software Integrity
- Best Practices
Availability is the ability of our core systems to run and provide services even when under attack. There are many things that can impact the availability of a system, and we cannot predict the unpredictable. Our solutions are designed to keep running even in the face of an unprecedented attack. Our highly available service includes:
- Clustered Server
- “The hot upgrade” for applying patches
- Geographically distributed servers
- Graceful failover backups
Software Integrity is software that is built with inherent resilience to attacks. Each area of BroadSoft’s software has its own security options allowing administrators to provide appropriate levels of security in each application to keep the “bad guys” out. Our software meets, or exceeds, industry security standards, giving you and your customers peace of mind. BroadSoft security benchmarking includes:
- Hardening scripts for secure benchmarking
- Security controls for robust security
- More than 600 configuration settings
Compliance means assurance that security is implemented correctly by security experts. Most vendors will say that they have industry-leading security capabilities. But we have the compliance certifications to back up our claims. We have invested considerable resources to ensure our customers benefit from our continued commitment to industry best practices and benchmarks.
- ISO 27001