Your data’s safety is not just an option but a promise. Security isn’t an afterthought; it’s part of the culture and the foundation of every decision we make. Taskade begins with the safety and privacy of your data in mind.

Secure User Authentication

Taskade employs a comprehensive suite of authentication features. At a basic level, we enforce a complex password policy, ensuring the foundational security of your account. We further strengthen this by supporting Two-Factor Authentication (2FA) through Google Sign In and intensify it with Multi-Factor Authentication (MFA).

For paying customers, Taskade partners with identity management giants like Okta, Azure AD, and Google Workspace, offering SAML and SCIM support, thereby maintaining a robust and diverse ecosystem for authentication.

  • SAML (Security Assertion Markup Language): An open standard allowing identity providers to pass authorization credentials to service providers. This ensures seamless and secure user access without the need for passwords. Taskade supports SAML authentication via Azure AD, Okta, and Google Workspace.
  • SCIM (System for Cross-domain Identity Management): Facilitates the automation of user provisioning and de-provisioning, making it easier to manage and synchronize user identities. Taskade integrates with SCIM via both Azure AD and Okta.

By employing a multi-pronged strategy, Taskade ensures your data is not only protected but ensconced in multiple layers of security.

Data Protection and Encryption

While Taskade currently does not provide end-to-end encryption, we utilize AES-256 encryption algorithms for both data at rest and in transit. This strategy ensures that essential features such as full-text search remain functional while maximizing data protection.

Data Privacy

Taskade believes in giving control to the users. By default, your projects and workspaces are private. Sharing access is completely at your discretion, ensuring you control who views your data. You have total control over permissions and access.

Internal Access

At Taskade, even internal access to data is highly restricted and continuously monitored. All personnel granted production server access are not only thoroughly vetted but are authorized by executive team members who are legally bound to protect your data.

Compliance & Future Roadmap

While we are in the process of becoming SOC2 and GDPR compliant, our current practices are designed to align with or exceed existing industry standards. Ensuring compliance is a top priority, and we are diligently working to obtain the necessary certifications.

Security Architecture & Monitoring

  1. Our service runs on AWS, and we follow their security best practices. Our servers run on Linux. Administrators use sudo to elevate privileges when necessary.
  2. We deploy Rate Limiting on account, IP, and audit event level.
  3. All relevant production log entries are stored remotely, with pattern matching and alerts for malicious intent, as well as unexpected crashes, exceptions and other error conditions.
  4. We harden system images and roll out new ones on every change automatically via CICD, this applies to all clusters. Security patches are rolled out automatically. We have process in place to roll out emergency patches instantly.
  5. We have thousands of unit tests, system tests, integration tests, confirming changes are secure, correct, performant.

Taskade AI

Empowering your workflow with AI, Taskade uses OpenAI's technology, leveraging GPT-4 and GPT-3.5 Turbo to offer intelligent, AI-powered tools. And we ensure this power comes without a compromise on data security.

While Taskade AI enhances your work with these powerful tools, your data security remains a priority. Adhering to our stringent data protection protocols, we assure you that your information will not be used for model training. Any data shared with our partners is exclusively to facilitate the delivery of Taskade AI features, and we strictly prohibit them from using your information for training their models or any other purposes. With Taskade AI, you can enhance your productivity while ensuring your data remains secure and confidential.

Partnerships & Infrastructure

We collaborate with leading industry players to build a robust security architecture. While some member data may be stored in our virtual cloud, our partners do not possess decryption capabilities.

System Uptime & Continuity

We deploy monitoring and (thousands of) alerts for system health, product health, and abuse (attack signatures, audit events).

Our server status page is completely separate from our production platform, all the way up to the domain registrar, and lets you know of any issue affecting production, as well as the @Taskade Twitter account.

Transparency in Business

  • Taskade will never sell your data.
  • You can use Taskade for free, and upgrade any time.
  • Taskade's revenue comes from paid subscribers — not advertisers.
  • Taskade is backed by seasoned entrepreneurs and reputable investors.
  • All Taskade employees undergo rigorous background and security checks.

Billing and Payment

Taskade processes credit card payments via Stripe. Stripe is a PCI-certified payment provider and meets arduous compliance standards. We also structure our payment forms so that your payment details are sent directly to Stripe’s systems and not stored in Taskade, which is an additional layer of security.

Got a question? Get in touch.

Contact Us