Adaptive Insights provides enterprise-class protection, service, and resiliency you can rely on and trust. Adaptive Insights is SOC 2 Type II compliant. SOC 2 is the AICPA standard for reporting on controls at service organizations, including software-as-a-service providers. The SOC 2 attestation covers the security, confidentiality, processing integrity, and availability trust service principles.
With customers in more than 50 countries, Adaptive Insights regards data privacy and adherence to regional regulations with the utmost importance. TRUSTe performs annual certification of our services to ensure compliance with EU-US Privacy Shield, US/Swiss Safe Harbor Framework, and APEC Cross Border Privacy Rules (CBPR) system covering the collection, use, and retention of data. Our practices are also consistent with Canada's PIPEDA and the Australian Privacy Principles.
Certification of Adaptive Insights will shorten the evaluation process for the many enterprises interested in leveraging this popular cloud-based CPM solution, giving potential users confidence in its robustness and accelerating deployment.
Kamal Shah, vice president of products and marketing at Skyhigh Networks
Adaptive Insights is only available over HTTPS, and all application data, logins, session cookies, etc., are transported using industry standard TLS encryption. Furthermore, all tape backup media, including on-site and off-site vaulting, is encrypted with at least 128-bit AES encryption. Using a true secure multi-tenant architecture, each customer's data is logically segmented from one another. Passwords are secured via one-way encryption using salted hashes and key-stretching algorithms. Organizations may opt instead to integrate with their existing identity and access management solutions (including cloud providers) by leveraging our SAML2 support. Administrators also have the option to lock down access to their accounts from only specified IP addresses.
Adaptive Insights allows quick and simple management of permissions using a role-based access control model. Customer administrators define the specific permissions for each role and assign those roles to users. These controls can be made as granular as desired all the way down to the row level of a sheet. Sheets and reports will display only data within a particular user's or role's security permissions. The platform provides a comprehensive audit trail that records all interactions and lets administrators understand what changes were made, by whom, and when they happened.
All production systems and data operations are hosted in top-tier data centers within secure cages, with redundant power supplies, diverse carrier access, and robust physical security. Only limited authorized personnel have access to these systems using multi-factor authentication. Redundant firewalls with active failover and in-line intrusion detection/prevention systems enforce strong perimeter security. Continuous internal and third-party scans, including regular penetration testing, are performed to validate network, system, and application security.
Data centers are strategically placed to provide broad geographic coverage and great application performance to our customers worldwide. Organizations can easily maintain data sovereignty and know exactly where their data is at all times with the choice of hosting in our USA, Europe, Canada, or Australia data centers. To further protect against any possible case of failure, we maintain secondary and tertiary local databases and continuously replicate database transactions to geographically diverse disaster recovery (DR) sites within each country/region. DR plans are tested and updated regularly to ensure fast failover capabilities and to minimize any service disruption.
Adaptive Insights has a proven track record of providing high availability, reliable performance, and secure access to a globally dispersed user base. We commit to a contractual uptime SLA (for a given month, excluding scheduled maintenance). We believe in transparency and continuously monitor our system availability and performance, and make these metrics available on our website.