Security Objectives

Our security framework uses best practices in the SaaS industry to support our objectives:

Data and information integrity. We ensure that customer information is always secure at any moment, during transit and at rest.

Continuous defense. We maintain the availability of our services by proactively minimizing any security risks through continuous penetration, vulnerability, and risk assessments.

Alignment with standards and best practices. Our security practices follow industry guidelines for cloud security.

We would be happy to share our third party penetration test (Pentest) result. Please contact our team and request a copy of the Pentest report.

Organizational Security

Personnel Security

Tribe's security practices apply to all members of staff, independent contractors, and anyone with direct access to our internal systems and/or unescorted access to Tribe’s office space. Before gaining initial access to systems all employees must agree to confidentiality terms and pass a background screening.

Upon termination of employment at Tribe, all access is removed immediately.

Authorization/Authentication

Tribe adheres to the principle of least privilege – employees are given access only to the data that they must handle in order to fulfill their current job responsibilities. Employees are granted access to a small number of internal systems upon hire, but any requests for additional access must be approved by the system owner or their direct manager.

Where possible, Tribe employs multi-factor authentication for administrative access to systems containing any sensitive data.

Third Party Service Providers

Tribe uses third party providers for some aspects of our operations. Where those... (More)