Welcome to Trillo's Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and request access to our security documentation.
As a SaaS vendor selling to an enterprise customer, what type of data do you need access to?
What is the potential impact to your enterprise customer if the data and/or functionality you, as the vendor, are supposed to manage, is compromised?
What is your recovery time objective in case of critical failure? (e.g., your DB is deleted)
What is your recovery point objective in case of critical failure? (e.g., your DB is deleted)
Are you also using other third-party services to manage or support your customers?
Will your product be a system that your enterprise customer critically depends on? (e.g., your system is mission critical)
Are you hosted only on one of the major cloud providers or do you have any on-premise systems?
Trillo maintains comprehensive audit logging across all support, web end-user applications, technical operations applications, and staging and production management infrastructure.
These logs capture essential information to monitor and analyze activities within our systems, ensuring transparency and security.
Trillo is committed to ensuring the security of data across its platforms. We implement robust encryption methods for data in transit and at rest, safeguarding it against unauthorized access and breaches. Our data security measures also include regular security assessments, vulnerability management, and adherence to industry best practices.
Trillo supports a wide range of integrations to enhance the functionality and interoperability of our platform and services. These integrations form part of the software we provide.
Each integration undergoes a thorough security review to ensure it meets our stringent security standards, providing seamless and secure connectivity with external services and tools.
Trillo maintains real-time backups, enabling immediate data recovery except during a disaster. Daily backups are conducted, with full incremental backups every week. We utilize incremental backups to ensure data is always usable and readily available.
Data transmitted between Trillo and its users is protected using mandated Transport Layer Security (TLS). If encrypted communication is interrupted, the Trillo application remains inaccessible to ensure data security.
All data at rest within Trillo's systems is encrypted using AES 256, providing robust protection against unauthorized access and ensuring data confidentiality.
Trillo employs a robust patch management process to ensure that all software and systems are kept up-to-date with the latest security patches. We perform regular scans of our servers and networks to identify vulnerabilities, which are then tracked and remediated promptly according to our vulnerability management procedures.
As part of our application security practices, Trillo conducts comprehensive code analysis, including peer reviews, static analysis, and dynamic analysis testing, before committing code to production. These measures help us identify and mitigate potential security vulnerabilities early in the development process.
Trillo follows a software development lifecycle aligned with Agile principles, incorporating security at every stage.
All Trillo engineers and relevant personnel undergo secure development training commensurate with their roles and responsibilities. This training ensures that our team is equipped with the knowledge and skills necessary to build and maintain secure applications.
Trillo's Data Processing Addendum is incorporated into the Terms of Service.
Trillo only uses essential cookies, and does not rely on cookies for marketing, analytics, or any other purposes.
Trillo DOES NOT sell or exchange any information to/with third parties.
Trillo ensures that all employees receive comprehensive privacy training to understand the importance of data protection and privacy regulations. This training covers key topics such as data handling best practices, privacy laws and regulations, and the responsibilities of employees in protecting sensitive information. Regular training sessions and updates ensure that our team stays informed about the latest privacy standards and practices.