Security & Trust at PPM Express

We take our responsibility to protect and secure your information seriously and strive for complete transparency around our security practices.

Security

We employ strict security measures at the organizational, application, and infrastructure levels to ensure security of customer data and our systems. These include:

PPM Express services and data are hosted in SOC I-, SOC II – and ISO-accredited data centers

Single sign-on support

Two-factor authentication for server access

Strong data encryption in transit and at rest (FIPS 140-2 compliant encryption algorithms)

Data segregation

Continuous network and security monitoring

Remote working via a corporate VPN only

Vulnerability management on a monthly basis

Internal physical security (keycard access and biometrics, surveillance camera monitoring) on a monthly basis

Information security aspects of Business Continuity Management (encrypted data backups, geo-redundant storage replication)

Product security features (access rights, login security, tenant deletion, etc.)

If you need more information about our security policy, guarantees, and infrastructure, please fill out the form bellow or contact us for detailed documentation.

Reliability

Platform Availability

We make real-time and historical platform status completely transparent and notify all our customers about any incident and outage activities on our Status Page. We offer 99.9% uptime commitment to our Enterprise customers.

Disaster Recovery

PPM Express utilizes many possibilities of our database and cloud infrastructure providers to store the data secure and prevent any data loss in case of possible disaster scenarios. These include daily continuous backups, regional backups, geo-replication of data across three Azure availability zones, encryption of backup data, recovery procedures and plan for restoring services.

Privacy

We continuously evaluate requirements from various legislations (global, EU originated) and build a strong privacy and security program to provide our customers with the assurance they need for the privacy and protection of their data.

Review our Privacy Policy to learn more about how we manage and protect our customers’ information. Please see our Security and Privacy whitepaper for more details about our privacy program.

GDPR

PPM Express has evaluated GDPR requirements and our current security and data privacy practices to ensure compliance with new regulations. To prepare for GDPR, we have undertaken some research and changes, both small and large ones.
These include:

Documenting and maintaining internal Information Security Policy that addresses various aspects of organizational and technical controls

We have updated our Privacy Policy to account for GDPR provisions, make it more transparent and easy to navigate. It also reflects improvements we have made to our security framework

Training employees on security and privacy practices, embedding Information Security Awareness training into an onboarding process, and signing NDAs with all employees

Providing data transfer mechanisms to legalize transfers of personal data outside of the European Economic Area

Providing all customers with a Data Processing Agreement at their request (please request our DPA by contacting us at legal@ppm.express)

Enhancing data security measures to address requirements on data segregation, data retention, data encryption mechanisms, etc.

Providing configurable privacy and compliance features to our customers

PPM Express helps to make compliance with GDPR easier.

PPM Express Security Whitepaper

Please provide your details to download the brochure