Encryption in transit and at rest across Taloflow services.
Encryption Standards
Communications between you and Taloflow servers are encrypted via industry best practices (HTTPS).
Taloflow supports encryption of customer data at rest.
Encryption in Transit
All external traffic to and from Taloflow uses industry-standard HTTPS encryption:
User connections to Taloflow servers use HTTPS with modern SSL/TLS certificates
API connections from Vercel servers to Kubernetes clusters on Linode use HTTPS
Database requests use SSL encryption
Behind-firewall requests: Some internal requests within our firewall may not be encrypted, but these do not carry sensitive data and remain protected by firewall isolation
Service mesh: Full within-cluster encryption via service mesh is currently being deployed for additional defense-in-depth
Encryption at Rest
Customer data is encrypted when stored:
Object storage: Customer data in object storage is encrypted
Database backups: All backups are encrypted and compressed before storage
Customer Personal Information (PII): Encrypted and managed by Auth0
Confidential information: Decrypted only at the resolver level when needed for operations
Block storage: Linode-managed encrypted volumes
Cryptography governance
Changes involving cryptography are peer-reviewed before deployment.
