Teradata as-a-service offers are designed to comply with standards such as HIPAA and ISO 27001, as well as to help you meet associated privacy standards, such as GDPR and CCPA. For more information, review our privacy policy at https://www.teradata.com/privacy and contact your Teradata account team.
| Security Method | Description |
|---|---|
| Access control | As part of its access protection policy, Teradata assigns a risk designation to every Vantage Operations position. Employees in these positions must complete screening criteria and sign security agreements before receiving system access. Teradata enforces password complexity, stores and transmits only encrypted password representations, and sets minimum and maximum lifetime restrictions on passwords. Teradata cannot view or access your data – and we never transfer your data between countries. |
| Network security | Teradata includes two layers of network security:
|
| Encryption | The approach to encrypting data in transit and at rest varies by deployment platform. |
| Active directory | Vantage is LDAP-ready. |
| User roles | Designated user IDs have permission to access Vantage and its stored data. |
| Monitoring | To help customers proactively detect cyber attacks and policy violations, the Vantage security monitoring process collects and correlates relevant security events (such as intrusions). Network devices send security events to the Teradata Security Information and Event Monitoring (SIEM) system, which responds according to the detected event. |
| Vulnerability management | Teradata performs regular scans of the environment and code to identify and remediate vulnerabilities in the software and operating systems. |