Security and Compliance

tde pronova by tde understands the security and safety of data is essential. As a company and service provider we have created the environment where clients can trust us to handle, store and keep their data protected, consequently we take Security and Compliance seriously.

tde e&m ISO 9001:2015 Certificate

tde e&m ISO 45001:2018 Certificate

tde data ISO 9001:2015 Certificate

Data security is the most important thing for us, which we live strictly by the following rules:

  • tde pronova takes care that your data is securely stored in a separate area of our data store that contains only data dedicated to you and which is separate from data of other entities.
  • Only our tde pronova IT system administration and DB administration team has access to our productive server system, which is completely isolated from our development and test system.

Whenever you decide – for whatever reason – to leave pronova, you can request the complete deletion of all your data stored in our system. tde pronova also provides multiple ways to export your data in common file formats from our web-based application at any time.

We also support the programmatic API access to your data in our tde pronova data store via standardized web service calls (pronova REST API). In addition, data can be programmatically accessed from our certified WITSML Store (pronova WITSML Store).

tde pronova hosts its system in a redundant server environment with a high focus on backup processes:

  • Full data backups are done daily and kept for at least 30 days.
  • Backups of our virtual server environment are also done daily, which ensures a fast restore of the complete tde pronova system for disaster recovery reasons.
  • Backups of our data and servers are stored in a secure location independent from the productive environment.

We have Cisco firewalls for protecting our world-wide company network in place:

  • The next-generation Cisco firewalls which are used are kept up to date by our IT and network administration team on a regular basis.
  • Enhanced security modules are enabled for the whole tde pronova network to protect our offices and data processing centers.
  • The enhanced security modules cover: IPS (Intrusion Prevention System) and AMP (Advanced Malware Protection).
  • All our firewalls are centrally administrated with a management tool.
  • tde pronova keeps logs of all web application requests and can provide them for advanced user statistical analysis.

Our product development team for the tde pronova service abides by the rules of Scrum as a modern and agile development process with …

  • test-driven software development,
  • pair programming,
  • regular code reviews and
  • continuous integration with application security testing tools.

The development team consists of software engineers, product owners and drilling engineers with multiple years of experience in this domain. All developments of the agile process must be approved by a product owner and before they are part of our productive releases, the new features are tested and confirmed by our separate release team.

Our agile teams use a project management tool for issue and task tracking.

We have a well-defined release lifecycle in place, based on the iterations of the agile development process. Every four weeks the latest version of the tde pronova web application is deployed for all users. As part of this release and maintenance day (which occurs at least every four weeks) our tde pronova server infrastructure is updated to keep the complete system up to date and secure against any potential attacks.

We are using a deployment automation and management tool for the release of new tde pronova service versions.

Federation-based authentication is in place for user management, authentication and role-based access right assignment. We can offer you the setup of a trusted relationship between tde pronova and your organization for user authentication. This enables single sign-on for your users and allows you to keep the user management process completely in your hands.

Otherwise tde pronova can of course take care regarding the management of user access to our web-based analysis and reporting services by applying your organizational policies for your users in our user administration system.

We consider the privacy of your data and therefore we only require the minimum amount of personal information that is absolutely necessary to fulfill the purpose of your interaction with us. We only process personal data with your consent as part of our business relationship and we will never sell it to third parties.

We are compliant to the General Data Protection Regulation (GDPR) of the EU and comply with the EU-US Privacy Shield framework.

tde pronova provides support on multiple levels:

  • 24/7 support line accessible via phone, e-mail and live chat.
  • A central helpdesk software is used to efficiently track and process support tickets from all channels.
  • Third-level development and IT support for any technical issues that are notified by our 24/7 support line in urgent cases.
  • Any technical issues are tracked by our issue and task tracking tool.

As we are an independently owned company, our technological strategy is to cooperate with global and strong partners: