Security

We protect every bit of your data. 

 

"We also considered other solutions, but our important requirements of security and simplicity led us to choose Projectplace."
Mats Granström, IS Information Manager at ABB
Security

Confidentiality

Locked-up network perimeter

The network containing the Projectplace production servers (the service) is protected by redundant firewalls, intrusion detection systems and load balancers.

Role-based Access Control at Folder Level

Access control can be implemented at the folder level in Projectplace to prevent or enable user groups to access, read and modify the contents of a folder within a project.

Military-grade encryption

We use known most secure Internet protocol, TLS 1.2 to encrypt data in transit. All files uploaded to Projectplace are also automatically encrypted when stored in our servers. We generate a unique key, using the AES-256 encryption algorithm and save files anonymously so that they cannot be identified.

Strong passwords and unique user names

Each user in Projectplace is identified with a unique user name and authenticated in the system with a personal password. Specific password requirements, such as password length and complexity, can be implemented by the Project administrator.

Two-step verification

With two-step verification users’ accounts are protected  by both their password and their mobile. We encourage all Projectplace users to enable this extra layer of user login security.

Integrity

Physical and environmental measures

The Projectplace server environment is hosted at two separate co-location facilities in Stockholm, Sweden. Projectplace uses ISO-27001 certified and SOC2/SSAE16 audited co-location facilities, which provide around-the-clock physical security and top-notch environmental protection. It includes comprehensive identification systems, automatic fire protection, redundant climate control and fail-over power supply.

Protection against malware

Projectplace provides file integrity monitoring and anti-virus software for all our critical systems commonly affected by malware.

Audit logging, monitoring and traceability

Projectplace enables comprehensive traceability by means of object history. All changes are logged and visible. Logging information is stored in a secure manner to prevent unauthorized changes.

Availability

System status and performance

Since 2004, Projectplace has an average uptime of 99.98%

The availability of the Projectplace service and the uptime status are monitored by an independent third party (Pingdom) and published daily on the Projectplace website.

» Daily system availability and performance

» Annual availability and maintenance

Multi-layer redundancy

The network infrastructure of Projectplace is designed for complete redundancy and maximum availability. In the event of failure, all operation-critical equipment - including routers, firewalls, web, application and database servers, as well as storage and network arrays - is deployed and configured for seamless transition.

Web acceleration using Akamai

Thanks to collaboration with Akamai content delivery service, one of the world's leading distributed, computing platforms, Projectplace is now even faster and more reliable.

Disaster recovery and business contingency

The Projectplace production system is run on a multi-site cluster at two geographically dispersed locations. All critical servers and applications are installed at both locations, which, in the event of a major disruption or disaster, ensures business continuity. If one of the locations fails, the second site is configured to take over all production tasks with minimal service disruptions and capacity loss.

Backup and restoration

Projectplace has into effect multi-step mirroring and backup routines for the production databases and document storage systems. In the unlikely event of multiple server failure, the backups sole purpose is to restore the entire production system.