TERA Security & Technology Overview | SHB

TERA Security & Technology Overview

As a SaaS application provider, TERA is committed to ensuring the security, confidentiality, and integrity of customer data hosted within our platform. Clients retain full ownership of their data—TERA ensures it is stored, managed, and accessed securely. 

Company Overview 

TERA is a product developed by SHB Real Estate Ltd, a London-based commercial property firm offering technology solutions for portfolio and lease management. TERA enables real estate teams to make informed, data-driven decisions by centralising lease administration and ongoing leasing activity. 

Client Data Confidentiality 

TERA does not access or use client data beyond what is necessary to support normal use of the platform. Internal access to client data is strictly controlled by role-based permissions and governed by SHB’s data protection policies. 

 Privacy Policy 

Please see TERA’s Privacy Policy at for full details on how we handle personal data in accordance with GDPR and other relevant laws. 

Client Permissions 

TERA uses Salesforce’s built-in security and permissioning architecture to enforce robust access control: 

  • – All user access is scoped to the client company through Salesforce’s multi-tenant model and role hierarchy. 
  • – Admin users can view and manage all users within their organisation, including access levels and audit history. 
  • – Reports showing user access, login times, and associated IP addresses can be exported directly from the system. 
Authentication and Password Security 
  • – Passwords must meet complexity requirements, including a mix of uppercase, lowercase, numbers, special characters and minimum length. 
  • – Passwords are hashed using industry-standard algorithms (bcrypt). 
  • – No passwords are stored in plain text. 
  • – Session cookies are secured with Secure and HttpOnly flags. 
  • – Accounts are locked after a predefined number (3) of failed login attempts and require email-based unlocking. 
  • – Forgotten passwords are reset securely via email—no security questions or hints are used. 

In addition to this level of password security, Multi Factor Authentication (MFA) is enforced for all users requiring a One Time Password (OTP) upon each new session through an authenticator app of their choosing.  

Single Sign-On (SSO) 

TERA supports optional integration with Single Sign-On (SSO) and SAML 2.0, enabling secure federated authentication aligned with enterprise IT policies. 

Infrastructure and Hosting 
  • – TERA runs on Salesforce’s developer platform (Salesforce App Cloud) and leverages its enterprise-grade infrastructure. 
  • – All data is stored and processed exclusively within data centres located in the UK and the EU, ensuring compliance with GDPR and UK data protection laws. 
  • – Salesforce manages infrastructure patching, platform monitoring, intrusion detection, and data isolation. 
Encryption and Data Security 
  • – All data transmitted between clients and TERA is encrypted using TLS (Transport Layer Security). 
  • – Data at rest is encrypted using AES-256 encryption standards. 
  • – Salesforce’s infrastructure complies with global certifications including ISO 27001, SOC 1 & 2, and PCI-DSS. 
Service Monitoring and Logging 
  • – System performance, availability, and security events are monitored 24/7 using Salesforce’s internal logging and alerting tools. 
  • – Anomalies are reviewed and escalated by Salesforce’s security operations teams as necessary. 
Internal Security Practices 
  • – Access to client environments is restricted to authorised SHB personnel for support or maintenance, and only under strict access controls. 
  • – All staff are trained on information security best practices and adhere to internal confidentiality agreements. 
  • – Two-factor authentication is enforced for internal tools where applicable. 
Data Export and Portability 

In the event of termination of service, SHB Real Estate Ltd will export all client data in a structured format (typically CSV or other agreed format) and deliver it securely to the client. Data can be transferred via a secure, client-controlled SFTP environment. 

Questions or Further Information 

Please refer to our Terms of Service or contact our team at [[email protected]] for further information regarding our security standards and practices.