Locked-up network perimeter
The network containing the Projectplace production servers (the service) is protected by redundant firewalls, intrusion detection systems and load balancers.
Role-based Access Control at Folder Level
Access control can be implemented at the folder level in Projectplace to prevent or enable user groups to access, read and modify the contents of a folder within a project.
We use known most secure Internet protocol, TLS 1.2 to encrypt data in transit. All files uploaded to Projectplace are also automatically encrypted when stored in our servers. We generate a unique key, using the AES-256 encryption algorithm and save files anonymously so that they cannot be identified.
Strong passwords and unique user names
Each user in Projectplace is identified with a unique user name and authenticated in the system with a personal password. Specific password requirements, such as password length and complexity, can be implemented by the Project administrator.
With two-step verification users’ accounts are protected by both their password and their mobile. We encourage all Projectplace users to enable this extra layer of user login security.
Physical and environmental measures
The Projectplace production environments are currently hosted in Ohio, USA for our U.S./Latin America customers and in Stockholm, Sweden for all other worldwide customers.Projectplace uses ISO-27001 certified and SOC2/SSAE16 audited co-location facilities, which provide around-the-clock physical security and top-notch environmental protection. It includes comprehensive identification systems, automatic fire protection, redundant climate control and fail-over power supply.
Protection against malware
Projectplace provides file integrity monitoring and anti-virus software for all our critical systems commonly affected by malware.
Audit logging, monitoring and traceability
Projectplace enables comprehensive traceability by means of object history. All changes are logged and visible. Logging information is stored in a secure manner to prevent unauthorized changes.