View TSANet Data Protection & Privacy Statement at https://tsanet.org/legal-policy/

View legal documents including the code of conduct at https://tsanet.org/legal-documents/

The user profile requires Name, Email and Phone number. Members can also use Single Sign-on from their own identity management systems including support for just in time user provisioning and can control what information is sent to the TSANet Connect system.

Members can define what common customer information they require when receiving a request. All customer data is removed from the system after acknowledgement and the
system will remove all customer data after 30 days leaving only the request metadata below:

Submitted By, Case Number, Priority, Summary, Date Requested, Date responded

Data in transit is encrypted with SSL and data is encrypted at rest with AES-256.

The system was developed using best practices defined in the OWASP Secure coding practices guide. The Open Web Application Security project OWASP defines best practices for coding secure web applications. For more information on OWASP see https://owasp.org/

Some specifics of this best practice include:

1. Best practices for administration of the system including 2-factor authentication to all
   development and system administration environments
2. Encryption on the transmission of all data
3. Best practices for API development and access

The system is hosted at Akamai using the Linode Cloud Service.   Starting in the June 2024 release, TSANet Connect will also use Cloudflare for network security.

Akamai provides a complete solution, including physical and environmental security, that includes both networking and host operating environments up to and including the hypervisor.

The system is designed to provide 99.99% uptime. The following document provides information on the support process: https://tsanet.org/tsanetconnect-support