Pricing Testimonials Blog News Last Updated: November 10, 2006
As Smartsheet.com stores your sensitive corporate and personal data, infrastructure and procedures are implemented to ensure information is secure. To achieve the highest levels of physical premise and data-level protection that today’s businesses require, Smartsheet.com offers a robust, comprehensive multi-level security environment.
Physical security
The Smartsheet.com application is hosted on dedicated servers in a SAS 70 certified data center in Dallas, Texas. The data center provides 24-hour physical security which is strictly monitored using keycard protocols, biometric scanning protocols and continuous surveillance. A dedicated Cisco PIX firewall provides a strong barrier of network security from the internet.
Data encryption
Smartsheet.com uses 128-bit Verisign SSL certification and 1024-bit RSA public keys to encrypt all data transmissions between your browser and our servers. Secure Socket Layer (SSL) technology protects your information using both server authentication and data encryption, in an effort to ensure that your data is safe, secure, and available only to registered Users in your organization.
User Authentication
Each User in your Smartsheet.com environment has a unique user name (their e-mail address) and password that must be provided each time a User logs on. Smartsheet.com issues a session "cookie" only to record encrypted authentication information for the duration of a specific session. The session "cookie" does not include either the username or password of the user. Smartsheet.com does not use "cookies" to store other confidential user and session information, but instead implements more advanced security methods based on dynamic data and encoded session IDs. All account login attempts are logged, and account lockout policies are automatically applied after a certain number of failed login attempts.
Operational Management
Polices and procedures have been developed and implemented to ensure that your data is secure. Access to all Smartsheet.com production systems and data is limited to authorized members of the Smartsheet.com system operations team. Only in the context of responding to customer service matters, may these few individuals access production information.