Multi-layered security architecture
Tolk.ai has implemented a security strategy that significantly reduces identified risks:
- Mandatorymulti-factor authentication (MFA) on all business accounts, eliminating nearly 99.9% of intrusion attempts through credential theft
- LastPass password manager with automatic generation of unique and complex passwords
- End-to-end encryption: AES-256 at rest, TLS 1.3 in transit
- Exclusive deployment in certified European regions (Azure France, GCP Belgium)
Hosting and availability
Google Cloud Platform (GCP)
- Location: Belgium
- Availability rate: 99.9%
- Architecture orchestrated by Kubernetes
Microsoft Azure
- Location: France
- Availability rate: 99.9%
- Architecture orchestrated by Kubernetes
JavaScript widget protection
The chat widget, deployed as a JavaScript script on customer sites, complies with several security measures:
- Strict sandboxing policy to isolate the widget
- HTTPS communications exclusively via secure channels
- No data collection before the first user interaction (implicit consent)