Trust and Security

At TRIFFT, we understand that trust is earned through unwavering commitment to security. When it comes to handling private customer data within loyalty programs, this commitment is even more critical. We prioritize the protection of your data and the integrity of our platform, ensuring that your loyalty programs and customer information are always safeguarded.

SYSTEM ACCESS CONTROL

TRIFFT employs industry-standard access controls, including two-factor authentication (2FA) and role-based access management, to ensure your customer data and production environments remain secure.

Access is tightly controlled via our administration portal, allowing you to define and manage permissions based on organisational roles.

All access events and changes to data are thoroughly logged, preserving the integrity and confidentiality of your most valuable assets.

Data Protection

Customer data is protected both in transit and at rest. We use SSL encryption for data in transit, ensuring secure communication between our servers and client devices. For data at rest, we utilize a FIPS 140-2 validated cryptographic module for storage encryption.

Our databases are backed up daily, with backups encrypted and stored for 14 days with geo-redundancy. This process ensures that data can be restored in case of system failure, accidental deletion, or other data loss scenarios.

We have implemented data masking for accounts without PII (Personally Identifiable Information) rights. Data is anonymized when it is deleted to ensure that no sensitive information can be extracted from our systems after the fact.

Cloud security & Compliance

Hosting on Microsoft Azure

Our applications are hosted on Microsoft Azure, primarily using data centers in Amsterdam, adhering strictly to the highest level of data security and privacy standards.

GDPR

TRIFFT is in compliance with the General Data Protection Regulation (GDPR) and adheres to PCI DSS Level 4. We consistently review and update our policies and procedures to ensure ongoing compliance.

Business continuity

Disaster recovery

In the event of a disaster or major service disruption, we have implemented multiple geolocations for our services in the Azure Cloud to maintain business continuity. We rely on Azure's Disaster Recovery architecture to ensure that our infrastructure can be quickly and effectively restored. We conduct annual training exercises on our disaster recovery plan to ensure preparedness.

Physical Security

As our applications are fully hosted on Microsoft Azure, all physical security measures are maintained by Microsoft, ensuring that our data centers meet the highest security standards.

Incident Response and Management

We have established a robust incident response protocol, offering enterprise customers multiple support channels, including live chat, email, and phone support, to report security incidents promptly.

Automated logging, scanning, and auditing tools proactively monitor for potential breaches. A dedicated response team is ready to manage incidents, minimize impact, and restore normal operations swiftly.

After each incident, a thorough review is conducted to understand the cause, evaluate the response, and identify improvements. Insights from these reviews strengthen our security measures and refine our response plans.
