Integrity and security of your data is our highest priority

Over a thousand organisations worldwide trust Teamgo with their data. From enterprise to government, education and non profits, we’re responsibly manintaining dependable and secure infrastructure that meets compliance objectives.

Security is a paramount priority at Teamgo. From how we develop our solutions to transference of data between systems, we continue ensuring standards are maintained and access to information is restricted. As we expand functionality for transformative workplaces and deliver better business intelligence to organisations, we're focused on ensuring data security is key to all decision making for the systems we develop and the people that use them​

Chhai Thach
CEO of Teamgo

Secure online web dashboard

Our easy to use, centralised cloud dashboard is designed for administrators and employees alike working across multiple offices and locations. Built for working teams, assign employees to groups with permissions that give them access to the right tools for operating a more efficient workplace.

We store your data on secure cloud servers that can only be accessed by people you specify. Your data is maintained with detailed logs that can be exported with just one click or direct integration to existing systems.

Teamgo is highly sought after for enterprise and government customer or those that require compliance with PCI, ITAR, DSS, and other regulatory frameworks.

security-kiosklist
security-analytics
teamgo-system-diagram

System architecture you can rely on to protect your data.

All Teamgo customer data is securely transferred using HTTPS (industry grade SSL connection) across the Teamgo iPad app, Teamgo pass app, Teamgo dashboard and the secure cloud and servers.

At rest, data is encrypted using AWS encrypted databases and AWS S3 Server-side Encryption. Teamgo ensures protection against denial-of-service (DoS) attacks using CloudFlare’s advanced DDoS protection.

Why security of data is critical for your Visitor Management System?

Your Teamgo visitor management system service ties together your data, your guests data, your employee data and subscription payment information together. With critical information about your visitor processes and associated data flowing through, the security of the this sensitive data and your payment settings needs to be water-tight.

Your visitor management system collects sensitive information and frequently collects personal information as well, for instance, names, emails, phone numbers and so on. You owe your customers the promise that all of this data will be handled safely and securely and will never be shared without their consent.

The Teamgo Promise

At Teamgo, we take integrity and security of data very seriously. Due to the nature of the product and service we provide, it is important that we acknowledge our responsibilities both as data controller as well as a data processor. We store and process your data and that of your visitors with extreme care and help you to be compliant so that you can continue to build trust while enhancing visitors experiences.

We help you ensure your visitors that their information is and will always be secure. Our promise of security extends from the very system that handles all customer data, payment information and is an essential part of our product, processes, and our team’s culture.

Our facilities, processes and systems are reliable and third-party tested. We continuously look for opportunities to make improvements and give you a highly secure, scalable system to provide a great arrival experience to your visitors.

Teamgo lets you deliver a secure visitor experience at different levels by,

  • Securing your customer’s personal information

    Securing your customer’s payment information

  • Ensuring Internal Data security of your data that rests with Teamgo follows adherence standards.

  • Network Security within Teamgo: Network, application and operational level security policies that we follow.

PCI DSS Compliance

At Teamgo, we take data integrity and security very seriously. Due to the nature of the product and service we provide, it is important we acknowledge our responsibilities both as data controller as well as a data processor. We store and process your data and that of your visitors with care and help you be compliant so that you can continue to build trust while enhancing customer experiences.

We help you assure your visitors that their data is and will always be secure. The promise of security is based on the very system that handles all payment, billing, subscription, and customer data and is an essential part of our product, processes, and team culture.

Our physical facilities, processes and systems are reliable, robust and third-party tested. We continuously look for opportunities to make improvements and give you a highly secure, scalable system to provide a great visitor management experience to your customers.

Teamgo lets you deliver a secure visitor management experience at different levels by,

  • Securing your customer’s personal information and any associated payment information: compliance to PCI and GDPR.

  • Ensuring Internal Data security of your data that rests with Teamgo: adherence to ISO, SOC 1 & SOC 2, and MFA standards.

  • Network Security within Teamgo: Network, application and operational level security policies that we follow.

ISO 27001 Certification

ISO 27001 (formally known as ISO/IEC 27001:2013) is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management processes with the aim of keeping information secure.

With ISO’s robust information security management system (ISMS) in place, you gain the additional reassurance that a full spectrum of security best practices are implemented across the organization.

Teamgo is ISO 27001:2013 certified and we’re committed to identifying risks, assessing implications and putting in place systemised controls that inspire trust in everything that we do – right from our codebase to physical infrastructure to people practices.

EU-US Privacy Shield

Teamgo complies with the EU-U.S. Privacy Shield and U.S.- Swiss Privacy Shield by adhering to the principles of protecting the rights of anyone in the EU whose personal data is transferred to the United States as well as bringing legal clarity for businesses relying on transatlantic data transfers.

GDPR

The General Data Protection Regulation (GDPR) is a European privacy law which became enforceable on May 25, 2018. The GDPR replaces the EU Data Protection Directive, also known as Directive 95/46/EC, and is intended to harmonize data protection laws throughout the European Union (EU) by applying a single data protection law that is binding throughout each member state.

Teamgo's GDPR Commitment

The core of Teamgo’s internal operations underpins protecting the personal data of our customers. We only collect and store information that is necessary to offer our service, and we do this with the consent of our customers. Adding to this, our approach towards privacy, security, and data protection align with the goals of GDPR.

Along with a highly secure and robust system architecture, we have a variety of security measures in place to prevent unauthorised access and processing of personal data.

By setting up an internal compliance team (with functional heads) who worked with an external specialist from a global audit firm, our requirements were assessed and the required changes were rolled out including direct data privacy management functionalities for our customers.

Physical and Network security

Teamgo uses Amazon’s AWS platform and infrastructure. Teamogo employees do not have any physical access to our production environment.

Here are more details about security setup of AWS.

Cloud security is the highest priority at AWS. As an AWS customer, we are benefitted from a data center and network architecture built to meet the requirements of the most security-sensitive organizations.

“Amazon has many years of experience in designing, constructing, and operating large-scale data centers. This experience has been applied to the AWS platform and infrastructure. AWS data centers are housed in nondescript facilities, with military grade perimeter control berms. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, state of the art intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication no fewer than three times to access data center floors. All visitors and contractors are required to present identification and are signed in. They are also continually escorted by authorized staff.”

In addition to physical security, being on AWS platform also provides us significant protection against traditional network security issues on the infrastructure including,

  • Distributed Denial Of Service (DDoS) Attacks
  • Man In the Middle (MITM) Attacks
  • Port Scanning
  • Packet sniffing by other tenants

Teamgo obtains the SOC 1 and SOC 2 report from AWS for the services rendered by them and validates the same for the effectiveness of the opinion of the third party auditor.

Administrative Operations

We at Teamgo, use two-factor authentication to grant access for our administrative operations including both, infrastructure and Teamgo service. Administrative privileges are restricted to very few employees. Additionally, both application level roles and AWS roles are used to ensure only required operations are allowed for specific users.

Any administrative access is automatically logged and mailed to our internal security team. Detailed information on when/why the operations are carried out are documented and notified to the security team before performing any changes in the production environment.

Host Security

SSH keys are required to gain console access to our servers and each login is identified by a user. All critical operations are logged to a central log server and our servers can be accessed only from restricted and secure IPs.

Hosts are segmented and accesses are restricted based on functionality. That is, application requests are allowed only from AWS ELB and database servers can be accessed only from application servers.

Application Security

  • Secure Access

    Teamgo’s application servers can be accessed only via HTTPS. We use industry standard encryption for data traversing to and from the application servers.

  • XSS

    All user input is properly encoded when displayed to ensure XSS vulnerabilities are mitigated.

  • CSRF

    All POST requests are checked for CSRF token before processing the request.

  • SQL Injection

    We use prepared statements for database access to avoid SQL Injection attacks.

  • Encrypted Data Storage

    We do not store sensitive card details on any Teamgo network. The keys for various third party services (like payment gateway) are stored in our database in encrypted form.

Vulnerability Scanning & Patching

We periodically check and apply patches for third-party software/services. As and when vulnerabilities are discovered we apply the fixes. We do periodic vulnerability scanning using the services of an authorized QSA.

Teamgo performs the VAPT assessment on a quarterly basis.

Data Storage & Redundancy

We use Amazon’s RDS for our database. The automated backup feature is configured for RDS. We backup data for upto 30 days. We have configured Amazon RDS in Multi-AZ which provides enhanced availability and durability. Each AZ runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable. Learn more.

Monitoring

We use both internal and multiple external monitoring services to monitor Teamgo. Our monitoring system will alert the Operations & Security Team through emails and phone calls if there are any errors or abnormality in the request pattern.

Disclosure

We are working continuously to make our system secure. If you find any security issue, please send it to [email protected] We will make sure the issue is fixed and updated at the earliest.

We take security as our highest priority.

Integrity and security of your data is our highest priority

Our easy to use, centralised cloud dashboard is designed for administrators and employees alike working across multiple offices and locations. Built for working teams, assign employees to groups with permissions that give them access to the right tools for operating a more efficient workplace.

We store your data on secure cloud servers that can only be accessed by people you specify. Your data is maintained with detailed logs that can be exported with just one click or direct integration to existing systems.

Teamgo is highly sought after for enterprise and government customer or those that require compliance with PCI, ITAR, DSS, and other regulatory frameworks.

Request a Free Demo

To get a free walkthrough of Teamgo Visitor Management with a real person, simply fill out the form below.