Trelliswork Operations and Security
Data Centers and Location
Trelliswork production services are hosted on Amazon Web Services’ (“AWS”) EC2 and RDS platforms. The physical servers are located in AWS’s EC2 data centers. As of this date, AWS (i) has certifications for compliance with ISO/IEC 27001:2013, 27017:2015 and 27018:2014, (ii) is certified as a PCI DSS 3.2 Level 1 Service Provider, and (iii) undergoes SOC 1, SOC 2 and SOC 3 audits (with semi-annual reports). Additional details about AWS’ compliance programs, including FedRAMP compliance, can be found at AWS’ website.
All user content is stored within US regions of AWS. Trelliswork’s production environment is hosted on an AWS EC2 platform. User content can also be found in Trelliswork backups, stored in AWS S3.
We do not offer customers the option of hosting Trelliswork on a private server, or to otherwise use Trelliswork on a separate infrastructure.
Production Environment
We maintain separate and distinct production, staging, and development environments for Trelliswork.
To access the Trelliswork production database, authorized and trained members of Trelliswork’s Engineering team (“Authorized Personnel”) authenticate to the VPN using unique strong passwords that are decrypted using controlled private keys, and then access the production environment only via SSH terminal connections using personal RSA certificates. Those members are also trained not to replicate non-public user data stored in Trelliswork’s production environment onto their workstations or mobile devices.
Network Security
AWS Network ACLs and Security Groups are used to restrict access to Trelliswork’s systems as appropriate to their role. These security rules are actively monitored, with alerting mechanisms in place for any changes to the configuration.
Login Security
SAML 2.0 SSO is supported for Trelliswork Enterprise customers. All customers can enable 2FA on their accounts or use Google OAuth. If SSO or OAuth is used to access Trelliswork, Trelliswork will inherit the login security settings in the user's IdP or Google account.
When a user logs in directly to Trelliswork using a username or email and password, Trelliswork requires a password of at least 8 characters. Repeated failed login attempts trigger a 30-second lock before a user can retry. Passwords are stored in a hashed form and will never be sent via email. Upon account creation and password reset, Trelliswork will send a link to the email address associated with the account that will enable the user to create a new password.
Password complexity and session length requirements cannot be customized within the app. However, these can be set within an IdP for an SSO-enforced team.
Access Control
Only Authorized Personnel have direct access to Trelliswork’s production database. Those who do have direct access to production systems are only permitted to view user data stored in Trelliswork in the aggregate.
Trelliswork maintains a list of Authorized Personnel with access to the production data environment. Trelliswork also maintains a list of personnel who are permitted to access Trelliswork code, as well as the development and staging environments. These lists are reviewed quarterly and upon role change.
Upon role change or leaving the company, the production credentials of Authorized Personnel are deactivated, and their sessions are forcibly logged out. Thereafter, all such accounts are removed or changed.
Physical Security
Trelliswork’s production services are hosted on Amazon Web Services’ (“AWS”) EC2 platform. The physical servers are located in AWS’ secure data centers. We require that production-critical data never be stored by those with privileged access on physical media outside of our data hosting provider's production environments. See above for information on AWS’ compliance programs.
Encryption In-Transit
Trelliswork uses industry-standard Transport Layer Security (“TLS”) to create a secure connection using 128-bit Advanced Encryption Standard (“AES”) encryption. This includes all data sent between the web, desktop, iOS, and Android apps and the Trelliswork servers. There is no non-TLS option for connecting to Trelliswork. All connections are made securely over HTTPS.
Encryption At-Rest
Data drives on servers holding user data use full disk, industry-standard AES encryption with a unique encryption key for each server. User photos are stored in Amazon’s S3 service. Photos are encrypted using Amazon S3 server side 256-bit AES encryption. The encryption, key management, and decryption process is inspected and verified internally by Amazon on a regular basis as part of their existing audit process. All Trelliswork backups are encrypted with AES-256 encryption.
Encryption Keys
Encryption keys for Trelliswork user files, stored in S3, are managed by Amazon. The encryption, key management, and decryption process is inspected and verified internally by Amazon on a regular basis as part of their existing audit process.
Development, Patch and Configuration Management
All changes to the Trelliswork production system, be they code or system configuration changes, require review prior to deployment to the production environment. All changes to Trelliswork’s code are tested in a staging environment prior to deployment to production. Updates to the Trelliswork web client are deployed on a rolling basis, usually several times per week. Trelliswork production servers are managed via a centralized configuration system. All Trelliswork system changes are peer reviewed and updates are deployed as relevant to their level of security and stability impact.
We restrict access as noted above and maintain separate lists of relevant roles with access to source code, development, staging, and production environments. These lists are reviewed quarterly and upon role change. We use source code management tools and repositories.
Event Logging
All Trelliswork API calls and application logs are kept for our internal purposes for at least 45 days without sensitive information (no full user tokens, no user-generated content), and are available only to authorized employees, as required by their role, for monitoring Trelliswork to ensure service availability and performance and to prevent abuse.
Application logs for Trelliswork are centrally collected in AWS CloudWatch for a minimum of 45 days for monitoring and analysis.
Backup
Backup Policy
Data entered into Trelliswork is backed up regularly. All backups are encrypted and stored at multiple offsite locations to help ensure that they are available in the unlikely event that a restore is necessary.
Files uploaded to Trelliswork as profile photos are not backed up on the same schedule, and instead rely on Amazon S3’s internal redundancy mechanism.
Trelliswork database backups are immediately encrypted with 256-bit AES encryption. Encrypted backups can only be decrypted by members of the Trelliswork operations team who have received training and have been authorized to decrypt the backups.
Backup Interval
A rolling live replica of Trelliswork’s primary database is constantly being synchronized in our standby database. Additionally, a full backup snapshot of the primary database is taken once every 24 hours.
Employee Policies
Security Awareness and Confidentiality
Security awareness and user data access policies are covered during our employee onboarding as appropriate to the role, and employees are updated as relevant policies or practices change. Our employees also sign a confidentiality agreement.
In the event that a security policy is breached by an employee, Trelliswork reserves the right to determine the appropriate response, which may include termination.