"Nothing is more important to our company than the security and privacy of our customers' data."
— Moodi Mahmoudi, Co-founder, Collaborne
Collaborne ensures full security at the infrastructure level on various layers as detailed below:
Data Center Security
Collaborne's offsite SAS70 Type II data center provides 24/7/365 video surveillance, biometric and PIN-based locks, strict personnel access controls and detailed visitor entry logs.
All connections to Collaborne are secured via SSL/TLS with Perfect Forward Secrecy enforced for all supported browsers. Any attempt to connect over HTTP is redirected to HTTPS.
All emails sent by Collaborne are DKIM signed.
Application Development Security
Collaborne utilizes secure development best practices that integrate security reviews throughout design, prototype and deployment.
Customer Data Protection
All data is classified as confidential and treated as such. Sensitive production data is never migrated or used outside of the production network. Data uploaded by users is encrypted at rest, and only decrypted when it is requested.
Customer data is backed up hourly, and stored across multiple data centers.
Collaborne requires every request to its Application Programming Interface (API) to be authenticated via unique user names and passwords that must be entered when a user logs in. Passwords are stored salted and hashed.
Users are required to set a secure password. Collaborne supports different patterns for creating secure passwords, such as long passwords or shorter passwords with many different types of characters.
Robust enterprise-grade user administration ensures deep control over all data visibility and accessibility by users. By defining customized roles and authorizations, you can easily limit users' visibility of and/or access to certain data parameters of the system. Collaborne comes out of the box with a set of best-practice configured roles for innovation project and program management capabilities.
Access point management
The application provides a dedicated user storage out of the box, which can be used for authentication and authorization. Customers can create and configure the accounts for user logins via the Collaborne API. Alternatively, Collaborne can support an external OAuth2- or SAML-based authentication service.
Customers can assign roles to users via the Collaborne API, which allows access permissions to be managed in an Enterprise Identity Governance system.
Collaborne supports Multi-Factor Authentication (MFA). You can choose to use SMS text messages or time-based one-time passwords (TOTP) as second factors when signing in your users.
Collaborne registers and monitors each user's login to provide full traceability and audit of the system's usage at the user level. Collaborne provides comprehensive reporting and audit trails for nearly every action or activity that occurs within Collaborne. Collaborne tracks account actions, posts, and more in tremendous granularity. Some of the capabilities are:
- Track user name and date/time for various action types
- Generate detailed reports and sort by date range or user
- Predefined reports give insight into potential security concerns
Our system architecture is designed to virtually partition its data and configuration, and each client organization works with a customized virtual application instance. This ensures thorough ring-fencing of your data and optimal privacy and security at the infrastructure level.