Tellen Logo
Back to Blog
Header image for Security at Tellen
Security & Compliance
4 min read

Security at Tellen

October 21, 2024
Girish Gupta

Security at Tellen

At Tellen, our top priority is safeguarding clients' data. We achieve this through a simple yet powerful approach: we stay out of our clients' data entirely. Every bit of information resides within their own cloud environment, and we embed our entire infrastructure and software right into their environment as well.

This approach ensures that all AI models, databases, file storage, and more remain under their control. Their data—encrypted both at rest and in transit—never strays from their network, securely flowing through Microsoft's backbone or encrypted tunnels directly to their users' machines.

Core Security Principles

We operate on the principles of zero trust and least privileged access. Even within clients' own environments, access is tightly controlled. Permissions are granted only on a need-to-know basis, and every request for access is rigorously scrutinized, logged, and regularly audited to maintain ironclad security.

Our software is designed with security woven into every line of code. From the very start, we employ:

  • Automated end-to-end testing
  • Unit and mutation testing
  • Vulnerability scanning at every development stage

Network Security Architecture

Our network diagram shows that all endpoints—whether for AI models, databases, or storage containers—are dedicated exclusively to our clients. Data moves solely through the Microsoft backbone, avoiding the public internet entirely.

Key network features:

  • Virtual network meticulously segmented into subnets
  • Strict controls over port accessibility between subnets
  • Only the web app is visible to the outside world
  • Optional access through Twingate (modern, zero trust, peer-to-peer connection)
  • IP address restriction capabilities

Network Security Diagram

Network Security Diagram

Data Privacy Guarantees

At Tellen, your prompts, completions, embeddings, and training data are treated with the highest level of confidentiality. Your data is:

  • NOT available to other customers - Your data remains exclusively yours
  • NOT available to OpenAI - OpenAI has no access to your data
  • NOT used to improve OpenAI models - Your data doesn't contribute to refining OpenAI's models
  • NOT used to improve other products - Your data is exclusively for your use
  • NOT used for automatic model improvement - Models are stateless unless you explicitly choose to fine-tune them

When you do choose to fine-tune models with your training data, those models remain exclusive to your use, ensuring your proprietary insights stay within your control.

Compliance & Certifications

We're undergoing our SOC-2 audit, but we're not waiting for completion to demonstrate compliance. Independent verifications by Vanta already confirm our adherence to all SOC-2 security and privacy standards.

Live verification available at: trust.tellen.ai

Compliance Dashboard

Compliance Dashboard

Technical Security Measures

Encryption

  • Data at rest: AES-256 encryption for all data storage
  • Data in transit: TLS 1.3 for all data transmission
  • Industry-leading protocols protect against unauthorized access

Access Control

  • Multi-factor authentication (MFA) across all access points
  • Role-based access controls (RBAC)
  • Regular compliance audits
  • Only select, client-vetted US-based employees have data access
  • Majority of engineers work in separate development environments
  • Client-controlled access removal capabilities

Incident Response

  • Comprehensive 24/7 incident response plan
  • Continuous threat monitoring
  • Immediate system isolation protocols
  • Predefined investigation and resolution processes
  • Dedicated incident response team on standby

Employee Training

  • Regular security training for all employees
  • Phishing awareness programs
  • Secure coding practices education
  • Data protection regulation training
  • Continuous updates on latest threats and best practices

Our Security Commitment

At Tellen, security is not just a checkbox—it's fundamental to everything we do. By placing our infrastructure and software entirely within clients' cloud environments, adhering to strict security principles, and continually evolving our practices, we ensure client data is always protected.

Our commitment to security is unwavering because we understand that in today's digital world, trust is everything. When you choose Tellen, you're choosing a partner dedicated to safeguarding your business and its most valuable assets.