Endpoint Detection and Response (EDR)
Endpoint detection and response is required on all Toku employee endpoints. Endpoint monitoring covers malware, ransomware, fileless attacks, and anomalous behavior on devices with access to Toku systems.
Endpoint protection was strengthened as part of the 2026 security hardening program. All employees must keep endpoint protection installed and active.
Device Management
Company-managed devices are subject to configuration enforcement, OS patch compliance, software inventory, and security policy application. Devices must meet Toku baseline security requirements before accessing production systems.
VPN and Zero-Trust Network Access
All internal access to Toku production infrastructure routes through zero-trust network access. Only authenticated and authorized devices can reach production resources, and VPN traffic is encrypted end-to-end.
Zero-trust network access was strengthened as part of Toku 2026 infrastructure hardening, adding network-level access control on top of endpoint and application-level protections.
Endpoint Monitoring
Toku maintains additional endpoint monitoring on devices with access to critical systems. This supports security monitoring, investigation readiness, and evidence collection.
Mandatory Security Software
Every Toku employee device must meet the following security requirements:
- Endpoint detection and response installed and active.
- Zero-trust VPN access enabled for production infrastructure.
- Device management, patch compliance, disk encryption, and screen lock enforcement active.
Compliance with these requirements is monitored and enforced. Failure to maintain required security controls is treated as a performance issue.
Security Readiness
Toku maintains investigation readiness on employee endpoints with access to critical infrastructure. Evidence collection procedures are validated and maintained as part of Toku's security hardening program.