Data Security

1. Purpose and Scope

Tio takes data security very seriously.  This document sets out to describe how we protect data within the Tio web and mobile products.

2. Password Management

Good password practice is extremely important to data security.  

General

  • For security, traceability and functional reasons, the account must not be shared
  • Use of Tio requires a strong password, a minimum of 8 characters in length. In addition, we recommend the following:
    • The longer the password the better
    • Where possible, do not re-use passwords from other accounts
  • In line with latest best practice, Tio does not enforce password rotation
  • Accounts shall be temporarily locked in the event of multiple incorrect password entry
  • Tio does not store passwords in raw form

Tio Staff

  • Tio adds 2FA to its authentication practices

If you suspect a security breach related to passwords within Tio or another account, change your password immediately.

3. Data Storage 

Tio hosts its data on Microsoft Azure cloud services.  One of the worlds leading 3rd suppliers, providing a high level of physical and operational security. 

Physical Security

Please refer to the below link to learn about the security of Azure data centres: https://docs.microsoft.com/enus/azure/security/fundamentals/physicalsecurity

Data Location & Backups

Tio employs both redundancy and replication to support resilience of service.

  • All hosted data is held and stored within the United Kingdom
  • All data is backed up daily

4. Communication

All communication from web browser or mobile app is encrypted with a minimum of TLS 1.2 enforced.

5. Security Testing

Both web and mobile applications are regularly scanned by 3rd party tools and any potential vulnerabilities mitigated.

6. Credit card data

Tio uses 3rd party providers to process any credit card payments, it does not store credit card details.

Further questions?

In case of any further questions, please contact support@tiofiresafety.com