Security
At TeamScore, security isn’t an afterthought - it’s been designed into the product from day one. We know that before you can benefit from our insights, you need to trust that your data is protected. That’s why we built TeamScore on modern, battle-tested infrastructure, follow industry best practices, and are actively pursuing formal compliance certifications.
Our Approach
- Security by design: From our database schema to our workflow orchestration, TeamScore was built with strict access controls, auditability, and encryption in mind. This means things like Row Level Security (RLS) at the database layer, encrypting sensitive values (such as access tokens and keys) in-memory before writing them to the database, and maintaining a clear separation of concerns across our architecture.
- Zero spyware: TeamScore never installs monitoring agents on employee devices. We rely only on secure APIs from trusted cloud platforms. This means TeamScore can never be a supply-chain threat to your environment - we never run inside your infrastructure. Instead, we use read-only access to ingest data from your cloud vendors, keeping our footprint and risk profile significantly lower.
- Shared responsibility, done right: We partner exclusively with top-tier vendors - AWS, Supabase, Vercel, GitHub, Redis, Cloudflare, and DBOS - all of whom maintain SOC 2 certification (or equivalent).
Data Protection
- Encryption everywhere: 100% of data is encrypted at rest and in transit. In addition, sensitive values like access tokens and API keys are encrypted before being stored, and decrypted only in-memory when needed.
- Modern authentication: All users sign in with Google Workspace or Microsoft 365 SSO, backed by your own company policies such as two-factor authentication and time-of-day and location limits.
- Strict access controls: Access to our systems by our team members is role-based, logged, and minimized to only what’s necessary.
Operational Security
- Universal 2FA & hardware passkeys for all accounts used by our team members.
- Password management via enterprise-grade tools (Bitwarden) for our team members.
- Isolated environments: Our marketing website (www.teamscore.io), the TeamScore application, and various admin tools run on separate stacks with no trust relationships. This means if there is a vulnerability in, for example, this marketing website, it doesn't expose the application.
Compliance
- SOC 2 in progress: TeamScore is actively undergoing SOC 2 certification, expected to be completed before the end of our beta period.
- Trusted vendors: Supabase, Vercel, Redis Cloud, AWS, Cloudflare and others are all SOC 2 compliant.
Transparency & Trust
We believe in performance intelligence, not surveillance. That means respecting both managers and employees by protecting privacy while ensuring data security. We’ll continue to evolve our practices as we grow, and we’re committed to communicating openly about our progress.
Want more detail? Contact us today.