Protecting your data is very important to us, we've outlined some of the ways we do this below and we're always looking at how to do even better.
- Authentication - We support SAML-based authentication, if passwords are stored directly they are hashed.
- Permissions - Administrators can set granular per-user access based on employee job function and role.
- Sharing - Users can determine who content is sent to or shared with.
- Audit Log - Actions are tracked for 90 days so you can review activity including time and user.
Policies & Procedures
- All staff have signed confidentiality and privacy agreements
- Access rights are based on employee's job function and role
- Proactive Software is committed to continual improvement of its security
Proactive Software use git for revision control. Any changes are testing in sandbox environments with both automated and manual testing. Passing code is then moved to a staging environment for further testing. When code is released to production we proactively monitor server logs for any issues. We also have a deployment process for urgent fixes that need to be pushed immediately.
- Your data is located on servers hosted by Rackspace in a SAS 70 Type II certified data center.
- Customer account data (contacts, projects, tasks, etc) is stored in separate SQL databases.
- Our office is secured via keycard access and CCTV systems.
- Remote access is limited to essential staff with strong passwords and IP restrictions.
- Your data is located on servers hosted by Rackspace in a SAS 70 Type II certified data center with 24x7 staffing, mantraps, CCTV and biometric access control.
- We maintain an inventory of all servers, network infrastructure and storage devices on which customer data is stored or processed.
- Staff computers and laptops are subject to software auditing and automated patching.
- All accounts use 128 bit SSL certificates, we do not support insecure connections.
- All customer data is encrypted when sent over public networks.
Credit Card Processing
- ProWorkflow are a PCI-certified SAQ-A merchant.
- All card processing is handled via our trusted partner, Payment Express.
- Your data is located on servers hosted by Rackspace in a SAS 70 Type II certified data center with redundant power, networking and cooling systems.
- We run redundant servers and databases as part of our commitment to making ProWorkflow consistently available.
- We take both local and offsite backups so we can restore from them in the unlikely event an issue at our data center.
Our sub processors are listed here.