Security & privacy
Security
All Tensor Energy products are secure and private by default. Security and privacy are top priorities for our organization as a whole and throughout product development.
Our customers trust us with a significant amount of data, and we do not take this responsibility lightly. To earn the trust of our customers, we handle their data with the utmost care and integrity. This includes comprehensive internal security measures and industry-leading product security.
We want you to have confidence in how your data is being collected, transported, and stored.
Internal Security
Data encryption
Your data is encrypted at rest and protected by TLS in transit, and we protect secrets and other sensitive data with industry-leading secrets management tools.
Best-practice product design
We conduct thorough security-design reviews, threat modeling, and real-time security monitoring of our products. The source code of all our products goes through multiple stages of vulnerability scans before reaching production.
Time-bound access
We systematically limit internal access to critical tools and resources using time-based access.
All employees are required to use multi-factor authentication using hardware-based access keys. We also do not use IAM user keys, and our developers are only able to access our cloud systems through our federated identity provider.
Product Security
Password guidance
When choosing a new password, we provide visual guidance to help users pick strong passwords that have not been exposed in security breaches on other websites.
Multi-factor authentication (MFA)
MFA provides an additional layer of security beyond usernames and passwords. When you log in to Tensor Cloud or access investment reports as an external user, Tensor Cloud verifies your identity through a so-called magic link.
Magic links are a form of identity verification that is bound to your email address. They are more secure than passwords and more convenient than other MFA methods such as hardware tokens. They are also more secure than SMS-based MFA, which is vulnerable to SIM swapping attacks.
Access control
Separate your workspace administrators from regular users to prevent accidental deletions, restrict new user invitations, and limit access to other administrative settings.
Privacy
We take the responsibility of respecting privacy seriously. Our commitment to data privacy encompasses the following pillars:
- We only collect the minimum amount of data necessary for safe and efficient operation of our platform
- We do not sell customer data
- We restrict internal access to customer data based on least-privilege principles
Data Residency
All customer data is stored within the borders of Japan in AWS data centers that adhere to strict security requirements.
Adjacent data, such as customer support tickets, company emails, or business development information, may be stored in secure data centers outside of Japan.