Control how information is shared to limit your risk profile. Smartsheet makes visibility intentional – content is only accessible to the author unless they choose to share it with other users.
Integrate Smartsheet with your tech stack, including Microsoft Defender for Cloud Apps, McAfee MVISION Cloud, Azure Active Directory, Jira, Salesforce and more.
Built-in audit trail
Maintain a record of changes within Smartsheet with user activity logs built in to our Business and Enterprise Subscriptions.
Safe domain sharing
Restrict external sharing to only trusted domains or users. Reduce the potential for data loss using a safe sharing list.
Security architecture: Defense in depth
We implement a combination of people, process, and technology to support customer data confidentiality, integrity, and availability.
Full stack vulnerability response
We utilize a combination of industry-leading vulnerability management practices, such as network scanning, SAST and DAST application testing, and more to secure our application.
Incident detection and response
We provide 24/7 event, incident monitoring, and response services through our in-house incident response team, ensuring timely investigation and resolution.
Internal risk assessments
We continually assess and address risks, working with stakeholders across every department. Our Information Security Steering Committee (ISSC) is committed to advocating for industry best practices across the organization.
Encryption at rest and in transit
All data is stored with NIST-approved ciphers, proven transport layer security (TLS 1.2), AES 256 at-rest encryption, and Amazon’s S3 service to store and serve uploaded files.
Secure software development lifecycle (SSDLC)
Smartsheet maintains an agile methodology. Our development lifecycle is built using industry standards, scanning tools, and automation for a secure and cyclical process.
Bug bounty program
Penetration tests are a start, but to ensure continuous visibility into vulnerabilities that can go unseen, the more eyes the better! Smartsheet engages with HackerOne to offer a bug bounty for developers.
Through partnerships with third-party vendors, Smartsheet’s security is tested across our applications and environments to ensure our platform conforms to our security standards.