Security at Theysaid
Application security
Penetration Testing
Data is encrypted in transit with TLS 1.2. Data is encrypted at rest with AES.
Continuous Monitoring
Independent third-party penetration, threat, and vulnerability testing.
Data Handling
Theysaid is in full compliance with GDPR and has support for data deletion.
SSO
User access controls with single sign on.
Secure Hosting
Theysaid’s cloud environments are backed by Google Cloud’s security measures.
RBAC
Role based account access workflows.
Continuous security
commitment
Penetration Testing
We perform an independent third-party penetration test at least annually to ensure that the security posture of our services is uncompromise
Continuous Monitoring
Our team members are required to go through employee security awareness training covering industry standard practices and information security topics such as phishing and password management.
Third-Party Audits
Our organization undergoes independent third- party assessments to test our security controls.
Roles and Responsibilities
Roles and responsibilities related to our information security program and the protection of our customer’s data are well defined and documented.
Information Security Program
We have an information security program in place that is communicated throughout the organization. Our information security program follows the criteria set forth by SOC 2 (and ISO 27001 soon).
Continuous Monitoring
We continuously monitor our security and compliance status to ensure there are no lapses.
Continuous security
commitment
Found a potential issue? Please help us by reporting it so we can fix it quickly.
security@theysaid.io.svg)
TheySaid recommends questions, delivers via your existing channels, engages your audience, and summarizes results through AI surveys.