Security and Privacy

The security and privacy of customer data is incredibly important to us at Prodoscore. We’ve introduced a multi-layered approach to secure our customers’ private information, ensuring confidentiality and integrity of all data collected.

Our industry-leading security guidelines are based on in depth defense, as we are committed to rigorous security testing of our infrastructure and application to isolate and address any vulnerabilities. Our platform was built with several layers of protection across a distributed, reliable infrastructure, with all data stored in a secure data warehouse managed and secured by Google Cloud Platform (GCP).

Why Customers Trust Us

Security Architecture and Practices

The security and privacy of customer data is incredibly important to us at Prodoscore. We’ve introduced a multi-layered approach to secure our customers’ private information, ensuring confidentiality and integrity of all data collected.

Data Security

Customer account information is encrypted in transit and stored in a secure data center hosted by GCP.

  • Prodoscore uses encrypted connection protocols including HTTPS, SSL, and TLS
  • Mutual authentication is provided by a combination of digital certificate and per-instance shared key creation during deployment utilizing Google Cloud Key Management System (Cloud KMS)

Data Storage

Prodoscore uses multiple layers of encryption to protect customer data in the GCP.

  • Cloud data is stored using AES-256 encryption
  • Data is automatically encrypted before being written to cloud storage
  • Every piece of data (i.e. application activity metrics, scores, and activity logs) is organized into discrete blocks that are then encrypted

Data Privacy

Prodoscore does not view private information collected within your account – that data is yours. We only access customer data upon request from an authorized administrator for your account.

  • Client information stored in the cloud is encrypted at rest with our organizational keys – Prodoscore employees do not have access to this information unless temporarily granted by the customer for troubleshooting
  • User access is highly restricted and must be approved by an organizational admin designated by you

Data Recovery, Retention, and Protection

Customers have control of their own data. Active accounts have the ability to determine which specific data elements are to be retained and can be exported via numerous methods in compliance with Right to Data Portability (GDPR, Article 20).

The platform is architected with several layers of security across a distributed, reliable infrastructure. All Prodoscore data is stored in a secure data warehouse managed and secured by GCP.

  • Servers are hosted in a SOC2 type 2 compliant datacenter, across multiple availability zones/regions
  • Google’s physical infrastructure has been accredited under ISO 27001, SOC 1/SOC 2/SSAE 16/ISAE 3402, PCI Level 1, FISMA Moderate, and Sarbanes-Oxley

Identity Authentication

Prodoscore complies with your organization’s authentication security standards and protocols.

  • We provide Single Sign-On (SSO) and Multi-Factor Authentication (MFA)
  • When SSO &/or MFA is enabled, we delegate the user authentication process to identify providers that support the Security Assertion Markup Language (SAML) 2.0 standard
  • We have certified SSO for identity providers including Azure AD and Google Suite

Personal Information

Concerns about how personal information is used and shared have become more and more prevalent. Prodoscore enables organizations to surface productivity trends and gain insight into employee performance throughout the work day. Leveraging a data driven philosophy, we encourage our customers to be transparent about monitored activities. Employees deserve to know that their cloud tool activity is being captured and evaluated. They will benefit from actionable insights that enable personal development and improvement to the outcomes they deliver. Read more in our Prodoscore Pledge.

For information about your personal information, please visit our Privacy Policy page.

Passwords

Prodoscore does not have access to any password details. All passwords are encrypted in transit, and stored in a secure data center.

Compliance

Prodoscore supports compliance initiatives such as Privacy Shield and GDPR. Customers are responsible for evaluating their own compliance with the law.

Questions about security?

Please call or email us at 888.796.7688 or support@prodoscore.com.