How can we help? 👋

Access Control

Least privilege, MFA everywhere, regular access reviews and prompt deprovisioning.

Access to Talkative systems is governed by our Access Control Policy, built on the principle of least privilege: access is granted on a need-to-know basis, and privileged access rights are restricted and managed.

Multi-factor authentication

MFA is enforced across our core systems, including our cloud infrastructure (root accounts included), identity and workspace accounts, version control, and key business systems.

Granting & reviewing access

  • Access is requested and approved through a tracked process, with a record of access requests and their history.
  • System accounts are associated with named individuals, and administrative account activity is attributable to the individual (non-repudiation).
  • Access is reviewed regularly across our infrastructure and business systems, with documented access reviews.
  • When personnel leave, their accounts are deprovisioned across our systems as part of offboarding.

Authentication standards

  • An enforced password policy applies to infrastructure access.
  • Applications enforce session timeouts, so idle sessions are not left open indefinitely.
  • The cloud root account is not used for day-to-day operations.
Request the Access Control Policy under NDA
Did this answer your question?
😞
😐
🤩