Security

Data Center Security & Redundancy

We work with top-tier hosting partners to ensure that you can deliver services to your organization confidently on a platform you can trust.

• Multi-site data redundancy
• Hosting at Equinix and AWS facilities
  • Facilities are AICPA SOC 1 examined and tested and ISO 27001 certified
  • Monitoring: Biometric scanning protocols, continuous surveillance
• 24 x 7 production environment management

Data Security

We build security into our product to ensure that your most valuable asset—your data—is protected. We also contract with third-party security professionals to conduct annual security assessments.

• Internal security
  • Third-party assessments by external security firm
  • Quarterly administrative access audits
• Multi-layer data access permissions
  • Partner security
  • Policy & procedure review

For more information on our third-party assessments, please contact compliance@smartsheet.com.

Encryption

Encryption serves as the last and strongest line of defense in a multilayered data security strategy. Smartsheet uses encryption to safeguard your data and help you maintain control over it. Here’s what you can rely on from Smartsheet:

• All data durably stored with NIST approved ciphers
• Proven transport layer security (TLS) technology from the most trusted providers
• AES 256 at-rest encryption
• Amazon’s S3 service to store and serve uploaded files

Operational Management

We have implemented policies and procedures designed to ensure that your data is secure and backed up to multiple physical locations. Our team is continually evaluating new security threats and implementing updated countermeasures designed to prevent unauthorized access to or unplanned downtime of the Subscription Service. Access to all Smartsheet production systems and data is limited to authorized members of the Smartsheet Technical Operations team.