|
Security
As Apptio may store your sensitive corporate and personal data, infrastructure and procedures are implemented to ensure information is secure. To achieve the highest levels of physical premise and data-level protection that today’s businesses require, we offer a robust, comprehensive multi-level security environment.
Physical security
Our SAS 70 certified data center provides 24-hour physical security which is strictly monitored using keycard protocols, biometric scanning protocols and continuous video surveillance.
Data encryption
Apptio uses 128-bit GeoTrust Secure Socket Layer (SSL) to encrypt all data transmissions between your browser and our servers. SSL technology protects your information using both server authentication and data encryption, in an effort to ensure that your data is safe, secure, and available only to registered users in your organization.
User Authentication
Each registered user in your Apptio environment has a unique user name (their e-mail address) and password that must be provided each time a user logs on. Apptio issues a session "cookie" only to record encrypted authentication information for the duration of a specific session. The session "cookie" does not include either the username or password of the user. Apptio does not use "cookies" to store other confidential user and session information, but instead implements more advanced security methods based on dynamic data and encoded session IDs. All account login attempts are logged, and account lockout policies are automatically applied after a certain number of failed login attempts.
Operational Management
Strict policies and procedures have been developed and implemented to ensure that your data is secure. Access to all Apptio production systems and data is limited to authorized, background checked members of the Apptio system operations team. Only in the context of addressing customer service matters may these individuals access production information.
|
