Security

Tektome is committed to the highest standards of security, resilience, and data protection. We have implemented a comprehensive set of controls, frameworks, and operational practices to safeguard our customers, partners, and internal systems at every level.

AICPA/SOC
ISO/IEC 27001:2022
SOC2 Type1

  • Governance, Risk Management & Compliance

    We are SOC 2 Type 1 and ISO 27001–ISMS certified, operating under structured policies, procedures, and standards that align with industry best practice. These frameworks are designed to meet the requirements of multiple internationally recognised security compliance standards. (SOC 2 Type 2 is currently under review.)

  • Business Continuity & Disaster Recovery

    We maintain a comprehensive Business Continuity and Disaster Recovery framework to ensure operational resilience and rapid recovery in the event of cyberattacks, system failures, natural disasters, or other disruptions.

  • Data Protection and Security

    We employ robust safeguards—such as encryption, access controls, and secure data handling—to protect sensitive and personal information throughout its lifecycle. Our processes ensure full compliance with relevant privacy regulations.

  • Incident Response

    Tektome has implemented a structured incident response plan designed to rapidly detect, contain, investigate, and remediate security incidents. This minimises impact and enables swift communication, mitigation, and recovery.

  • Antivirus & Endpoint Security

    To prevent malware, unauthorised access, and endpoint-related threats, we use centrally managed antivirus and endpoint protection technologies, including Endpoint Detection and Response (EDR) solutions.

  • Access & Identity Management

    We enforce strict access and identity management practices, including role-based access controls, multi-factor authentication (MFA), and regular access rights reviews. These measures ensure that users operate with only the minimum privileges required for their roles.

  • Vulnerability Management

    We conduct ongoing vulnerability assessments, penetration testing, and systematic patch management. Automated tools and defined remediation processes help us reduce risk and maintain a strong and proactive security posture.