TeamworkIQ takes the security of your data and our systems very seriously. We've put over 20+ years of experience building packaged and online software for some of the world's biggest companies into the security methods, practices, policies, code and systems architecture for TeamworkIQ.
While we proactively automatically monitor our systems for vulnerabilities and pride ourselves on rapidly responding to potential threats, we also understand that members of the community may discover a security issue that we may not have already detected.
If you believe you have discovered a security venerability or issue, please follow these steps to securely report it.
Step 1: Uncover Issues Responsibly and Be Law Abiding
If you have discovered a security issue, it is important that you do not exploit it to access any information other than your own. Do not attempt to elevate access to other services, servers, or systems.
Keep details about the vulnerability secret until you receive notification that the issue reported has been remediated. Instead, upon your request, we will provide you with a link to a secure site we have set up to receive and process such reports. Never include any descriptions or details about the issue in an email or other public message.
Step 2: Ask for a Secure Link to Report the Issue
To get a secure link to file your report, send an email to [email protected] with the subject line: "Potential Security Vulnerability Found". Do not include further details or file attachments in the body of the email. We will strip out and ignore all email body content and attachments. However, in reply to your email you will receive a link to a location at which you can safely and securely file a report with the necessary description and any sensitive details about the vulnerability.
Step 3: Securely Report the Issue
Using the secure reporting link we sent you, describe the issue in sufficient detail so that we can understand the potential issue and address it. If we have further questions or need more information, we will again contact you by email but without reference to specific details of the issue. Instead, you will receive a secure link to add additional information.