Cloud Security Statement

Overview

ThinkTilt's ProForma platform consists of a web application that delivers content to our customer's Jira instances. Data is stored within each customer's Jira instance and only transmitted to ThinkTilt for the purpose of rendering the information correctly. ThinkTilt does not permanently store customer data.

Architecture

The ProForma platform is designed for redundancy and the expectation that failures will happen. Our application is stored in secure environments, completely managed by first-class cloud vendors like Amazon and Google.

Backups

Application backups are performed nightly. All backup data is encrypted. 

Security

ThinkTilt employees are responsible for the security of all data that may come to them, regardless of format. Only authorized ThinkTilt employees have access to the application. When accessing the application, each employee must authenticate with their individual authentication credentials.

Customers are responsible for securing their login information, that of their local JIRA instances and their end-user privacy.

The ThinkTilt team monitors system health and integrity from Melbourne, Australia.

While ThinkTilt has not undergone a third party security audit, we hold ourselves to security controls from the SOC-2 framework and have chosen cloud hosting providers that are SOC-compliant.

Privacy

ThinkTilt is committed to protecting your personal information. For more details, please see our Privacy Policy.

 

Reporting Issues

At ThinkTilt we take any reports of vulnerabilities seriously. If you encounter a security issue with any of our software or services, please report it to security@thinktilt.com. We have an internal SLA for responding to such issues, and are committed to addressing security issues promptly.

Please note that it is against our Terms of Service to run automated security scanning tools against our system without prior approval. If you are interested in providing such a service, please contact us at security@thinktilt.com.