VantageCloud Enterprise is audited periodically for compliance with important standards including HIPAA, ISO 27001, PCI DSS, and SOC 1 and 2, which helps customers meet their associated privacy responsibilities, for example under CCPA and GDPR.
For more information, review our privacy policy at https://www.teradata.com/privacy and contact your Teradata account team for a copy of an audit report.
Security Method | Description |
---|---|
Network security | Teradata includes two layers of network security:
|
Vulnerability management | Teradata performs regular scans of the environment and code to identify and remediate vulnerabilities in the software and operating systems. |
Monitoring | To help customers proactively detect cyber attacks and policy violations, the Vantage security monitoring process collects and correlates relevant security events (such as intrusions). Network devices send security events to the Teradata Security Information and Event Monitoring (SIEM) system, which responds according to the detected event. |
Access control | As part of its access protection policy, Teradata assigns a risk designation to every Vantage Operations position. Employees in these positions must complete screening criteria and sign security agreements before receiving system access. Teradata enforces password complexity, stores and transmits only encrypted password representations, and sets minimum and maximum lifetime restrictions on passwords. Teradata cannot view or access your data – and we never transfer your data between countries. |
Active directory | Vantage is LDAP-ready. |
User roles | Designated user IDs have permission to access Vantage and its stored data. |
Single sign-on | Customers that have an identity provider can configure and use single sign-on (SSO), which enables users to log on to supported Vantage and third-party applications with a single set of credentials. |
Encryption | The approach to encrypting data in transit and at rest varies by deployment platform. |