Good security is hard work. We're working hard to protect you.
tastyworks handles the Security of your Account and your Personal Information very seriously. We consider Security from top to bottom within our organization, and design and deploy a myriad of Defensive System Configurations, Security Devices, Sentinels and Real-time Monitoring systems to protect access and privacy surrounding your Account.
As a rule, we encrypt as much of the data and interactions with you as possible, which means encrypting the data at rest, in use and in transit. We employ industry recognized and adopted high standards in encryption protocols to protect the data that flows between you and our systems (TLS v1.2 256-bit). Your connection to our servers are signed with SSL Certificates issued from well-known and trusted authorities to ensure that you can trust that you are communicating with us and not some imposter.
To protect your identity and access to your Account we hash your passwords and other important security credentials to make it very difficult to determine what they are, even if someone has direct access to the raw information.
tastyworks regularly reviews, assesses, audits and fortifies our systems and code. We engage professional security consultants to identify and assess security vulnerabilities, proactively test our defensive measures, and independently review our systems.
We monitor employee access to data, run background checks, segregate internal business units and their access to information as necessary. We control access to our Networks with very stringent policies and controls.
Good Security Requires Your Help, Too
We do our part to protect you and your Account, but you can help protect yourself with the following practices:
Choose a strong password. Part of a good strategy for security is to choose Strong Passwords, and more importantly ones that are not shared with other accounts at other organizations. This way, a compromise at another company will not inadvertently give away your credentials here at tastyworks. For a list of bad passwords, take a look at this list:
Monitor your account activity. Make sure you are aware of any changes or activity in your account, and if you see anything which you can’t explain, please notify us immediately. We will normally try to notify you using emails, sms messages or push notifications for certain changes in your account, but there may be some instances where you may notice something wrong before receiving a notification from us.