Thousands of organizations trust and rely on Workboard to set and achieve their goals and to manage people and teams. This trust is based on a quality product and service, excellent customer support and keeping their data private and secure. This page will provide you with more transparency into how we ensure your data is protected and secure.
We take your security and privacy very seriously. Our executive team reviews and directs our policies and processes; our controls and practices are robust. We have a round-the-clock incident response protocol in place. A combination of user-directed account controls, encryption and network, physical and system-level security are the primary mechanisms of protecting data.
We continuously review and assess our systems for vulnerabilities to ensure Workboard meets the needs of our enterprise customers. Testing includes, among other things, physical and perimeter security and OWASP assessments including injection, broken authentication and session management, cross‐site scripting (XSS), insecure direct object references, misconfiguration, sensitive data exposure, missing function level access controls, cross-site request forgery, use of components with known vulnerabilities, and unvalidated redirects and forwards.
Account access and security
You own your data and you determine who has access to your team’s information and shared work. Each team owner must explicitly invite other users to share and access information on Workboard; only users on a given team can see shared information on the team. A user may have as many teams as they need (there is no cost for teams); users not on a given team do not see or have access to any of the team’s data. Team owners and originators may remove members from their team at any time. When a team owner/originator elects to remove a person from the team, the owner can also determine how to manage that user’s actions, files, and other work. Once removed, users no longer have any access to the team from which they were removed. If they were a member of other teams or had created their own Workboard team, they continue to have access to those.
Any Workboard user can create a Workboard team and choose who to invite to it and what permissions to grant to team members; you may be on teams others have created and on teams you created. For each team you create and manage, you define and assign specific permissions to members of that team. In this way, you can have different permissions and privileges. There are five levels of permissions: Manager, Co-Manager, Executive Viewer, Team Admin, and Member. See more detail about permissions.
IDs and passwords
Each Workboard user creates their own unique user ID (their email address) and password. Workboard enforces strong passwords and password resets. We encourage our customers to follow modern best practices for ensuring data integrity and security such as generating secure, random passwords with a combination of upper and lower case letters, symbols and numbers. At a minimum, we require passwords to consist of at least 9 characters, including at least 1 uppercase letter and 1 number.
Passwords are transmitted and stored encrypted and are not visible to anyone in plain text.
User provisioning and single sign on
While users can self-provision from Web or mobile devices, Workboard can assist large organizations with provisioning many users at once. Contact our Enterprise Team for this assistance; it can typically be done the same day.
Single sign on and central password provisioning are available for an additional layer of convenience and security via any SAML 2.0 compliant Directory Server.
Organizations can elect to restrict access to their Workboard data to a list of IP addresses. Only these IP addresses will be able to access their Workboard instance—all other IP addresses are automatically blocked.
Workboard provides users with a unique email address to create and assign action items via email; this is done by sending emails to the user’s unique Workboard email address. To protect users from receiving malicious content, we match the email address in the user’s account name and ID with the sender of action items. If the email addresses don’t match, we block any action item from being created or assigned.
Data security and encryption
All files, documents, and user passwords are encrypted in transit and in the database. Transmission of customer information to and from the core production service is via industry-standard transport layer security (TLS).
To secure your unstructured data, we employ strong multi-factor encryption. Each object is encrypted with a unique key. As an additional safeguard, this key itself is encrypted with a regularly rotated master key. 256-bit Advanced Encryption Standard (AES-256) is used to encrypt data.
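The per-object key wrapped by a rotated master key described above can be sketched as follows. This is an added example, not Workboard's code: the GCM mode, the blob layout and every function name are assumptions, and the master keys are generated locally rather than held in a key management service.

```ruby
require 'openssl'

# Assumptions: the page names only AES-256; GCM mode and the blob layout
# (12-byte nonce | 16-byte tag | ciphertext) are choices made for this sketch.
CIPHER = 'aes-256-gcm'
Envelope = Struct.new(:wrapped_key, :ciphertext) # what is stored per object

# Feed data through a cipher; guards the empty-input case for update.
def run(cipher, data)
  (data.empty? ? ''.b : cipher.update(data)) + cipher.final
end

def seal(key, plaintext)
  c = OpenSSL::Cipher.new(CIPHER).encrypt
  c.key = key            # must be exactly 32 bytes
  nonce = c.random_iv    # fresh nonce for every encryption
  c.auth_data = ''
  body = run(c, plaintext)
  nonce + c.auth_tag + body
end

def unseal(key, blob)
  d = OpenSSL::Cipher.new(CIPHER).decrypt
  d.key = key
  d.iv = blob.byteslice(0, 12)
  d.auth_tag = blob.byteslice(12, 16)
  d.auth_data = ''
  run(d, blob.byteslice(28..-1)) # raises CipherError on wrong key or tampering
end

# Each object gets its own random data key, stored only in wrapped form.
def encrypt_object(master_key, object)
  data_key = OpenSSL::Random.random_bytes(32)
  Envelope.new(seal(master_key, data_key), seal(data_key, object))
end

def decrypt_object(master_key, env)
  unseal(unseal(master_key, env.wrapped_key), env.ciphertext)
end

# Master-key rotation re-wraps the 32-byte data key; the object ciphertext is untouched.
def rotate(old_master, new_master, env)
  Envelope.new(seal(new_master, unseal(old_master, env.wrapped_key)), env.ciphertext)
end

if __FILE__ == $PROGRAM_NAME
  old_m, new_m = Array.new(2) { OpenSSL::Random.random_bytes(32) }
  env = rotate(old_m, new_m, encrypt_object(old_m, 'constructed sample object'))
  puts decrypt_object(new_m, env)
end
```

Because rotation touches only the wrapped key, retiring a master key costs one small re-encryption per object regardless of object size.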
Organizations can request that their structured data be encrypted in the database. In addition, customers can opt to directly manage and rotate their own encryption keys through the AWS Key Management Service. Contact our Enterprise Team for more information.
For production data, access is strictly limited to personnel authorized by our Information Security Officer for the purposes of ensuring data availability, deployment, configuration and system-level (not account or user-level) troubleshooting. Access is via SSL from designated pre-authorized IP addresses with strong password controls. For troubleshooting with users, Workboard support employees use screen sharing directly with users and only as authorized by users; they do not have access to and cannot see your account or data (and there is no mechanism for them to do so).
Global Data Privacy Regulations Compliance (GDPR)
Workboard complies with GDPR, including our users’ right to be forgotten. In preparation for the 2018 rule changes, we conducted a thorough analysis of our data chain with privacy and legal experts.
Data centers and data are located in Germany for European customers at Amazon Web Services. The data is encrypted in transit and at rest and key management can be done at the database or data field level.
Data availability and backup
To ensure availability and reduce any possibility of disruption or data loss resulting from planned maintenance, instance failure or availability zone failure, the core production service automatically rolls over to a duplicate standby instance so that database operations can resume quickly without administrative intervention. The service uses synchronous replication and concurrent database writes on both the primary and standby so that the standby is a complete duplicate.
In addition to redundant instances, the production system is backed up twice daily and backup data is stored in a facility in a different state. This ensures we can quickly restore service after a complete physical disaster. Backup data is transmitted over a private network link. No portable or removable media are used.
The Workboard service is multi-tenant. Your data may live on the same servers as another user’s data. Your data is private, and protected through your choices to invite others to your team and the permissions you grant them as you do.
Disposal of information ensures the continued protection of our customers’ information.
Customers are responsible for and have the authority to delete their own information via the user interface. When customers delete documents or files via the user interface to the core production service and application, still-encrypted files are deleted immediately. When action items or other transaction data are deleted, they are deactivated and inaccessible. Contact our Enterprise Team to request permanent deletion of your archived data.
When storage devices are decommissioned, the process is designed to prevent data from being exposed to unauthorized individuals. All storage devices are degaussed and physically destroyed prior to disposal in accordance with industry-standard practices.
The Workboard service performs server-side logging of client interactions with our services. This includes web server access logging, as well as activity logging for actions taken through our API. These logs also include successful and unsuccessful login events.
Data centers are designed to secure your information against fire, water damage, and other environmental hazards such as power outages and extreme temperatures. Our data centers are staffed and monitored 24x7x365. Physical access to the facilities is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Access to the data center floors requires successful two-factor authentication a minimum of two times. Workboard servers are in locked cages adjacent to but isolated from co-located servers.
Workboard data is stored in secure computer data facilities in accordance with security best practices and IT standards including:
- SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70)
- SOC 2
- SOC 3
- FISMA, DIACAP, and FedRAMP
- DOD CSM Levels 1-5
- PCI DSS Level 1
- ISO 27001
- FIPS 140‐2
- MTCS Level 3
Our data centers are audited annually for SSAE‐16 compliance. Workboard data physically resides inside the United States and, separately, in Germany for European customers.
eDiscovery and legal holds
Users can self-preserve individual member action items or shared action items via print to PDF, accessible on the user interface. Filters can be used to snapshot relevant information; the filters used are shown on the generated PDF file, as is the date the file was created. Attachments can be downloaded to the client side for preservation; screenshots can be taken if information visibility is an aspect of discovery. To prevent server-side disposal of attachments by a member of the team, contact our Enterprise Team immediately.