teni.

security

how we protect your financial data.

encryption

all data transmitted between your device and teni's servers is encrypted using tls 1.3. all data stored on our servers is encrypted at rest using aes-256. encryption keys are managed by aws key management service (kms) and rotated regularly.

authentication

teni requires multi-factor authentication (mfa) for all accounts. when you sign in, you verify your identity with your password and a code from your phone. we support authenticator apps (google authenticator, authy) and sms. mfa makes it much harder for attackers to access your account, even if they have your password.

compliance & certifications

teni is building toward soc 2 type ii certification. soc 2 is an audit standard that evaluates controls around security, availability, processing integrity, confidentiality, and privacy. we're in the certification process now and expect completion by q3 2026.

teni also complies with industry standards, including the nist cybersecurity framework, and follows owasp secure coding practices.

data access logging

every time someone (including teni employees) accesses your data, we log it. we audit these logs quarterly to detect unauthorized access. you can request a report of all access to your account; email security@getteni.com.

infrastructure security

teni runs on aws, which provides industry-leading infrastructure security. we use:

  • virtual private cloud (vpc) to isolate our infrastructure
  • web application firewall (waf) to prevent common attacks
  • ddos protection via aws shield
  • regular penetration testing by third-party security firms
  • automated security scanning and patch management

security practices

our team follows secure development practices:

  • code review: all code is reviewed by a second engineer before deployment
  • dependency scanning: we scan dependencies for known vulnerabilities
  • secrets management: api keys and credentials are never hardcoded or stored in git
  • least privilege: employees have access only to systems they need
  • background checks: all team members undergo background checks

what you should do

security is a partnership. here's how you can protect your teni account:

  • use a strong password: at least 12 characters, mix of uppercase, lowercase, numbers, and symbols
  • enable 2fa: turn on multi-factor authentication — don't skip it
  • don't share your login: your teni account is personal; don't give anyone else access
  • watch for phishing: teni will never ask for your password via email. if you get a suspicious email claiming to be from teni, don't click links — email security@getteni.com
  • use a password manager: tools like 1password or lastpass generate and store strong passwords

incident response

if we detect a security breach affecting your account or data, we'll notify you via email within 48 hours. we'll also file a breach report with the appropriate regulators. we maintain cyber liability insurance to cover the costs of a breach.

bug bounty

we're working to build a formal bug bounty program. in the meantime, if you discover a security vulnerability, please report it to security@getteni.com. include a description of the vulnerability and how to reproduce it. please don't publicly disclose the vulnerability until we've had time to fix it.

third-party services

teni integrates with third-party services (stripe, square, your bank) to provide functionality. when you connect a third-party service, teni receives an access token that lets us pull data on your behalf. we never store your passwords. if you want to revoke access, you can disconnect the service in teni settings, or revoke the token directly in your third-party account.

contact security

questions about security? email security@getteni.com.