We take information security very seriously. For that reason, we process and handle your data on only the best and most secure datacenters available!
We partnered up with the best and most secure hosting providers in the market. Hence, the hosting facilities storing your data comply with the highest security standards such as SOC 2, SOC 3 and ISO27001.
Access management and security
ActionPlanner is a cloud based service, that you access over the internet (no installation needed on your computer). You will, as our Client, have your data secured with SSL (HTTPS protocol) to establish an encrypted secure channel between your computer and our server.
Your user account password is hashed using SHA1 and stored securely. Furthermore, it is possible to enable Single Sign On (SSO) and even limit users in your account, only to be available to login from certain IP addresses that you define.
Technical and organizational safeguards
You, not ActionPlanner, exclusively decide which users to grant access to your account and the level of transparency each user should have. You also decide what user roles and responsibilities to assign. These user settings govern what information, functionality and notifications each user will have access to in your account.
We make daily backups of your data. The backups are securely stored in a separate data center. All traffic between data centers is done through a private network, making data transfers more secure.
Internal and external penetration tests
Our internal testing team performs periodical reviews to preemptively identify potential weaknesses in the application. In addition, an external organization performs a thorough penetration test, including testing both the application and the systems it runs on.
Application vulnerability scans and source code reviews
The ActionPlanner application is also tested. This test includes a full application scan to identify potential vulnerabilities, including information leaks and cross site script vulnerabilities. In addition, we perform source code reviews to identify potential risk areas and security vulnerabilities.
Network performance and security is monitored 24×7. Automated DDoS mitigation controls are in place should a DDoS attack occur.
- ActionPlanner logs system activities, application processes and user activities
- All initiatives have an audit trail
- Data can be checked against backups
Data retention and deletion
Your data is irretrievably deleted after 90 days of the license expiry.
ActionPlanner supports the newest version of the following commonly used browsers running on desktop PC’s, laptops, tablets and phones:
- Google Chrome
- Apple Safari
- Microsoft Edge
- Mozilla Firefox
Frequently Asked Questions
In case of questions, feel free to reach out to us – your ActionPlanner Team.
Furthermore, we encourage you to visit our page dedicated to how ActionPlanner complies with the GDPR.