Our as-a-service offers are audited periodically for compliance with important standards including HIPAA, ISO 27001, PCI DSS, and SOC 1 and 2, which helps customers meet their associated privacy responsibilities, for example under CCPA and GDPR.
|Access control||As part of its access protection policy, Teradata assigns a risk designation to every Vantage Operations position. Employees in these positions must complete screening criteria and sign security agreements before receiving system access.
Teradata enforces password complexity, stores and transmits only encrypted password representations, and sets minimum and maximum lifetime restrictions on passwords. Teradata cannot view or access your data – and we never transfer your data between countries.
|Network security||Teradata includes two layers of network security:
|Encryption||The approach to encrypting data in transit and at rest varies by deployment platform.|
|Active directory||Vantage is LDAP-ready.|
|User roles||Designated user IDs have permission to access Vantage and its stored data.|
|Monitoring||To help customers proactively detect cyber attacks and policy violations, the Vantage security monitoring process collects and correlates relevant security events (such as intrusions). Network devices send security events to the Teradata Security Information and Event Monitoring (SIEM) system, which responds according to the detected event.|
|Vulnerability management||Teradata performs regular scans of the environment and code to identify and remediate vulnerabilities in the software and operating systems.|