TAK_OS

Security

How we protect your data and our infrastructure

At GoTAK LLC, security is a top priority. We implement industry-standard security practices to protect your data and ensure the reliability of the ADSBTAK service.

Infrastructure Security

Cloud Infrastructure

Hosted on enterprise-grade cloud infrastructure with built-in redundancy and DDoS protection.

Network Security

Firewalls, intrusion detection, and network monitoring protect against unauthorized access.

Regular Backups

Automated backups ensure data can be recovered in case of incidents.

99.9% Uptime SLA

High availability architecture ensures reliable service for mission-critical operations.

Data Encryption

Encryption in Transit

All data transmitted between your devices and our servers is encrypted using TLS 1.2 or higher. This includes:

  • API requests and responses
  • TAK Server connections (SSL/TLS with certificate authentication)
  • Web dashboard access
  • Webhook deliveries

Encryption at Rest

Sensitive data stored in our databases is encrypted at rest using AES-256 encryption. This includes:

  • User credentials (hashed with bcrypt)
  • API keys (encrypted)
  • TAK Server certificates and credentials
  • Payment information (handled by Stripe's PCI-compliant infrastructure)

Authentication & Access Control

User Authentication

  • Secure password requirements enforced
  • Session management with automatic expiration
  • Email verification for new accounts

API Authentication

  • Unique API keys per user with configurable permissions
  • API keys can be rotated or revoked at any time
  • Rate limiting to prevent abuse

TAK Server Authentication

  • SSL/TLS certificate-based authentication
  • Support for client certificate validation
  • Encrypted credential storage

Operational Security

  • Principle of Least Privilege: Access to systems and data is restricted to those who need it.
  • Audit Logging: All significant actions are logged for security review.
  • Dependency Management: Regular updates to address security vulnerabilities.
  • Security Testing: Regular security assessments and code reviews.

Incident Response

In the event of a security incident, we follow a structured response process:

  1. Detection: Automated monitoring and alerting systems
  2. Containment: Immediate steps to limit impact
  3. Investigation: Root cause analysis and evidence collection
  4. Notification: Affected users notified within 72 hours as required
  5. Remediation: Fixes deployed and systems hardened
  6. Review: Post-incident review and process improvements

Responsible Disclosure

We appreciate the security research community's efforts to help keep our users safe. If you discover a security vulnerability, please report it responsibly:

  • Email us at sales@getgotak.com with details
  • Allow reasonable time for us to address the issue before public disclosure
  • Do not access or modify other users' data
  • Do not perform actions that could harm the service or its users

Compliance

We are committed to maintaining compliance with applicable regulations and industry standards:

  • GDPR compliance for EU users
  • Payment processing through PCI-DSS compliant providers (Stripe)
  • Regular security assessments

Questions?

If you have questions about our security practices or want to report a security concern, please contact us:

GoTAK LLC
Email: sales@getgotak.com
Website: https://getgotak.com