At Tether, we safeguard your data using multiple layers of security—organizational, infrastructural, and procedural. Our ongoing goal is to align with best practices and seek audit-ready standards.
Organizational Security
- Every team member signs an industry-standard confidentiality agreement on their first day.
- We enforce least-privilege access and conduct quarterly access reviews, with strong password policies and 2FA wherever applicable.
Infrastructure & Cloud Security
- Our backend runs on Heroku atop AWS for reliable, audited infrastructure. (See Heroku Security and AWS Security for details.)
- All data is encrypted—at rest and in transit (TLS 1.2+).
- We maintain automatic backups and monitoring tools for data resilience and continuity.
Incident Response & Availability
- We have a formal incident response plan, including escalation, mitigation, and user communication.
- Our infrastructure includes failover monitoring and alerting to detect and respond to outages swiftly.
Data Transmission & Liability
- We implement administrative, technical, and physical controls, but no system is infallible. Data transmission is at your own risk.
- We cannot be responsible for circumvention of security protocols (e.g., on compromised endpoints or weak configurations).
Compliance & Assurance
- We are committed to continuous improvement and are working toward SOC 2 Type II compliance to demonstrate transparency and control maturity.
