Enterprise-grade security & compliance

Your PMO deals with enough Risk.

At RAIDLOG.com, your security is our top priority. We are committed to safeguarding your data while providing exceptional application performance and a seamless user experience. Here, you will find information on our security practices, policies, and how we protect your information.

If you have a security question or concerns, please report it here.

For PM’s by PM’s

Unmatched End-to-End Security

RAIDLOG is hosted exclusively on the Google Cloud Platform (GCP), offering robust, built-in end-to-end security and privacy features. Our team goes above and beyond with proactive measures to maintain a secure infrastructure environment. For more detailed information on GCP security, please visit the Google Cloud Trust Center.

A.I. Privacy 

Current Features
  • Data is only sent to the AI when the PM initiates it.
  • The only data sent to the AI is whatever the PM put into the project description.
  • Data is encrypted in transmission and at rest in our db.
  • The AI API Platform terms of service state that they will not use this data for training.

    Learn more here: https://openai.com/enterprise-privacy/

Future Features

The future AI features of RAIDLOG will have additional privacy options:

  • These features will always be opt-in. You will be able to enable or disable them for your workspace.
  • Access to RAID items is walled-off by workspace:  other organizations cannot see your RAID items, nor will their AI be ‘educated’ on your data.
  • You will have your choice of multiple AI providers, and our plan is to have at least one of those providers be a sandboxed, private AI.
  • Our technical AI approach does not involve training an AI on your data. We use vector embeddings for semantic similarity searches, then interpret the results (Retrieval Augmented Generation). If you like you can read more about the technology here. To oversimplify, it is like a really smart search engine querying your data. The engine doesn’t know or remember your data, but it can intelligently search and interpret and present that data.

 Please Note! This will be documented more formally when the features are released. 

Data Privacy & Compliance 

RAIDLOG's Data Center location

RAIDLOG is primarily hosted in a USbased Google data center.

EMEA/APAC members: For future European clients, we have a tenant in the Belgium Google data center; This tenant will be enabled to host European enterprises when needed.

Who owns the data stored in RAIDLOG?

Your privacy is important to us, all data collected and stored follows GDPR compliance. View our Privacy Policy for a complete outline of how RAIDLOG manages and protects your privacy.

How easy is it to export your data if needed?

The process is simple – reach out to our Support Desk at support@raidlog.com or easily click the green chat box, in the lower right of your screen and submit a support ticket. A member of our team will reach out and complete the process for you.

Friendly Reminder! The ability to export is exclusively available to RAIDLOG Enterprise Tenant Owners only.

How do we handle data backups and disaster recovery?

RAIDLOG stores all customer data on fully redundant storage systems, and utilize a multi-tiered backup approach. Customer data is backed up offsite during a nightly full system backup.

What encryption methods are used for data at rest and in transit?
  • InTransit Encryption: All data transmitted between clients and our servers is encrypted using Transport Layer Security (TLS), protecting against unauthorized access and tampering.

     

  • AtRest Encryption: Data stored in our application is encrypted using AES256 encryption. Strict access controls and auditing on GCP ensure only authorized personnel can access data, with all access logged and monitored.
How do we handle data breaches or security incidents?

Any security related incidents such as data breaches, compliance issues, or any other complaint or concern should be reported immediately to support@raidlog.com.

All incidents are tracked by operations management until resolved, and closed incidents are reviewed by operations personnel for appropriate resolution.

How do we ensure compliance with industry regulations and standards?

Authentic + Access Control

Authentication

We utilize the Google Identity Platform for authentication, supporting various providers such as Password, Google, Microsoft, SAML, and OAuth SSO.

Role-Based Access Control (RBAC)

Implemented on a pertenant basis, ensuring users have access only to necessary data and functions.

 

Data Access Control
  • RBAC: Ensures employees have minimal necessary permissions.
  • Logging and Monitoring: All access and sensitive operations are logged and
    monitored to detect and respond to unauthorized activities.
  • Periodic Reviews: Regular access permission reviews to revoke unnecessary access.
  • Employee Training: Regular security training for employees on best practices and
    potential threats.

 

Hosting + Infrastructure 

Google Kubernetes Engine (GKE)

RAIDLOG is hosted on the Google Cloud Platform (GCP), leveraging its robust security infrastructure – built-in security features such as automated updates, patching, and workload isolation.

Secure Development Practices

RAIDLOG uses GitHub for version control with secure coding practices, MultiFactor Authentication (MFA) for access control, and no storage of secrets or credentials in version control.

Secrets Management

Sensitive information, like API keys and credentials, is securely stored and accessed through Google Secret Manager.

Database Security

Our data is hosted on Neo4j Aura, which provides encryption at rest and other security features.

Scalability & Performance

How do we handle scalability for large organizations with multiple projects and teams?

What performance guarantees do we offer, especially during peak usage times?

Talk with our sales team

Fill out your information and a RAIDLOG representative will reach out to you. Have a simple question?

Empower your PMO with a unified platform to efficiently monitor project health.

Integrate with current PPM tools

Through native integrations, Zapier compatibility, or RAIDLOG's open API, you can effortlessly synchronize and leverage the power of RAIDLOG across your entire project ecosystem.

 
 

700+ companies globally

Unlock tailored pricing aligned with your company's strategic objectives. Enjoy a premium onboarding experience and dedicated integration support for a swift and successful implementation.

Be apart of our 1,000,000

Become a vital part of our mission to rescue 1 million projects from failure by 2030. Our revolutionary Risk AI tool and Lessons Learned module are game-changers, empowering PMO leaders to cultivate project managers who grow stronger every day.

RAIDLOG

Do You Have A Security Related Question?

 

We’re here to answer any questions you have about security at RAIDLOG.