Nav Level 2 - Technology

Platform Security

Adaptive Insights' Business Planning Cloud Provides Enterprise-Class Protection, Service, and Resiliency

Security is at the core of our technology platform and how we develop, test, and deploy software. We maintain an exhaustive security program aimed at protecting and maintaining the integrity of your data. Our program includes regular third-party security examinations for security and data privacy. SWe also regularly conduct SOC 2 Type II audits by a third-party auditor. The SOC 2 audit is based on a set of standards for security with a focus on internal controls for managing physical and logical access to systems and data. In addition, we conduct regular third-party-led security/penetration tests numerous times a year.

SOC 2 Type II Compliance

Adaptive Insights provides enterprise-class protection, service, and resiliency you can rely on and trust. Adaptive Insights is SOC 2 Type II compliant. SOC 2 is the AICPA standard for reporting on controls at service organisations, including software-as-a-service providers. The SOC 2 attestation covers the security, confidentiality, processing integrity, and availability trust service principles.

TrustArc and Privacy Shield

With customers in more than 50 countries, Adaptive Insights regards data privacy and adherence to regional regulations with the utmost importance. TrustArc performs annual certification of our services to ensure compliance with EU-US and Swiss-US Privacy Shield Frameworks and the APEC Cross Border Privacy Rules (CBPR) system covering the collection, use, and retention of data. Our practices are also consistent with Canada's PIPEDA and the Australian Privacy Principles.

Skyhigh Enterprise-Ready™

Adaptive Insights meets the full requirements for data protection, identity verification, cloud service security, business processes, and legal protection to receive the Skyhigh CloudTrust™ enterprise-ready rating.

GDPR Compliance

On May 25, 2018, a new landmark privacy law called the General Data Protection Regulation (GDPR) went into effect in the European Union (EU). The GDPR establishes global privacy requirements governing how you manage and protect personal data of EU citizens and residents while respecting individual choice—regardless of where data is sent, processed, or stored. This expansion of the privacy rights of EU individuals places new obligations on any company that markets, tracks, or handles EU personal data.

At Adaptive Insights, we believe that the GDPR is an important step toward strengthening data protection laws across the European Union and enabling individual privacy rights. We are committed to GDPR‑readiness now that enforcement has begun on May 25, 2018. Learn more from our GDPR FAQs here. To access a copy of Adaptive Insights' Data Processing Agreement, contact us.

Speak with one of our technical specialists to learn more about how we let businesses collaborate effectively while safeguarding their data

Talk to an expert

Data Security and Protection

Adaptive Insights is only available over HTTPS, and all application data, logins, session cookies, etc., are transported using industry standard TLS encryption. Furthermore, all tape backup media, including on-site and off-site vaulting, is encrypted with at least 128-bit AES encryption. Using a true secure multi-tenant architecture, each customer's data is logically segmented from one another. Passwords are secured via one-way encryption using salted hashes and key-stretching algorithms. Organisations may opt instead to integrate with their existing identity and access management solutions (including cloud providers) by leveraging our SAML2 support. Administrators also have the option to lock down access to their accounts from only specified IP addresses.

Role-Based Security and Audit Trail

Adaptive Insights allows quick and simple management of permissions using a role-based access control model. Customer administrators define the specific permissions for each role and assign those roles to users. These controls can be made as granular as desired all the way down to the row level of a sheet. Sheets and reports will display only data within a particular user's or role's security permissions. The platform provides a comprehensive audit trail that records all interactions and lets administrators understand what changes were made, by whom, and when they happened.

Secure Infrastructure

All production systems and data operations are hosted in top-tier data centres within secure cages, with redundant power supplies, diverse carrier access, and robust physical security. Only limited authorised personnel have access to these systems using multi-factor authentication. Redundant firewalls with active fail-over and in-line intrusion detection/prevention systems enforce strong perimeter security. Continuous internal and third-party scans, including regular penetration testing, are performed to validate network, system, and application security.

Geographic Coverage and Disaster Recovery

Data centres are strategically placed to provide broad geographic coverage and great application performance to our customers worldwide. Organisations can easily maintain data sovereignty and know exactly where their data is at all times with the choice of hosting in our USA, Europe, Canada, or Australia data centres. To further protect against any possible case of failure, we maintain secondary and tertiary local databases and continuously replicate database transactions to geographically diverse disaster recovery (DR) sites within each country/region. DR plans are tested and updated regularly to ensure fast fail-over capabilities and to minimise any service disruption.

Reliable Uptime and Constant Performance Monitoring

Adaptive Insights has a proven track record of providing high availability, reliable performance, and secure access to a globally dispersed user base. We commit to a contractual uptime SLA (for a given month, excluding scheduled maintenance). We believe in transparency and continuously monitor our system availability and performance, and make these metrics available on our website.

Have more questions? We'll be happy to give you more details about our solutions.

Contact Us