Secure project management software - GanttPRO

GanttPRO is a product of XB Software Ltd., the member of Belarus Hi-Tech Park - one of the leaders among innovative IT clusters in Central and Eastern Europe. The company has more than 10 years of experience and 150+ employees.



GanttPRO implements a variety of security measures to maintain the safety of our secure project management software and your personal and business information.

Certificates

XB Software Ltd. is certified by ISO 27001 (the international Standard for best-practice information security management systems (ISMS) and ISO 9001 (the international Quality Management System standard (QMS). GanttPRO payments comply with the Level 1 Payment Card Industry Data Security Standard (PCI-DSS) requirements.

Strict NDA

All employees of XB Software Ltd. must sign an NDA to be able to work at GanttPRO. Additionally, we may sign an NDA with your company (only for annual contracts).

Network and system security

To prevent your information from being read or changed while in transit and provide the strongest privacy and integrity protection, all internal and external requests to GanttPRO are transmitted in our project management software via Secure Socket Layer (SSL) technology using HTTPS protocol.

World-class cloud platform

GanttPRO uses MS Azure cloud, one of the world’s most stable and secure cloud server infrastructure. Security and privacy are built into the Azure platform. Microsoft is committed to the highest levels of trust, transparency, and standards conformance, and regulatory compliance with the most comprehensive set of compliance offerings of any cloud service provider.

Server infrastructure and VPN

As an additional security layer, we’ve built our own dedicated virtual private network (VPN) inside MS Azure cloud. Therefore, your data is cryptographically protected from any attempts to access your data from Microsoft or other third parties.

File storage

GanttPRO uses the Azure File Geo-redundant storage (GRS) to store users’ documents, images, and other files. All files are stored by the encrypted path and strictly limited access level. GanttPRO has malware protection for files users upload into the system of our secure project management software.

Access logs

To provide additional data access protection layer, we store each external request to GanttPRO with an IP address of a requester. Additionally, we log all activity made in projects by people who have rights to do it.

User personal data protection and administration

Each GanttPRO user has his/her own email address and password. The password is stored in our database in a hashed format (SHA512). That means nobody except you can see or get your password because it’s encrypted and cryptographically protected.

Team and projects data protection and management in GanttPRO software

GanttPRO has several security layers to keep team and projects data fully private and secure. All content that is created or imported to GanttPRO is designated as private. Each project and task are cryptographically protected from changes and deletion by a user with insufficient team level or project level access rights.

Security and privacy audit

GanttPRO periodically reviews code, people, and server infrastructure for security and privacy issues. Additionally, we employ a third party to perform periodic security audits of our application.

Availability

According to our statistics, now GanttPRO has 99.92% uptime what means we stop servers only for maintenance during large updates of functionality and system structure.

Secure development lifecycle

In GanttPRO, the development lifecycle security is our priority. For this, on a regular basis we:

  • Define security policies and requirements.
  • Apply security best practices in every stage of the project development lifecycle.
  • Review the security of architectures.
  • Review source code for security quality, weaknesses, and vulnerability.
  • Manually assess and dynamically scan the pre-production environment.
  • Conduct security trainings for our development team.

Releases lifecycle

GanttPRO releases large updates every 2-3 months. Also, we deploy bug fixes and small functionality improvements each 1-2 weeks. All our updates (small and large) are deeply tested by the professional QA team.

Account and content recovery

If you accidentally deleted a user or tasks from your project in GanttPRO, we can safely recover them. For this, contact us within 10 business days. Some information from a user’s account can be recovered even within a month.

Privacy policy

Please refer to the GanttPRO privacy policy to get more details about how GanttPRO collects, uses, controls, and shares personal information on the Site.

GanttPRO is GDPR compliant. It means that all personal information is kept confidential. Please read more on GDPR here.

Terms of service

Please refer to the GanttPRO Terms of Service to get more details about how we deliver the service.

More

Unfortunately, we can not disclose all the details and techniques for security reasons. If you have any questions about the GanttPRO security or have any concern, please, contact us at support@ganttpro.com. We would like to hear your feedback.

Last update: 14.08.2018