Private and Protected

24/7 monitoring

Planhat uses an industry standard application management solution to monitor all systems 24/7 and trigger alerts based on event logs. Our global team is on-call to address threats and resolve incidents as soon as they arise.

Robust SIRP

Planhat has developed a robust Security Incident Response Process to address security events efficiently and quickly. We screen and evaluate issues continuously, immediately remediating all critical issues and prioritising less pressing issues for resolution as part of the standard release and development process.

Dedicated security services

Planhat has a dedicated squad of security specialists as part of its global platform team. They conduct regular security reviews and risk assessments and can provide targeted protocols and SLAs to meet unique security needs.

Daily & intraday backup

Put nothing at risk with near-continuous backup of your entire Planhat environment and database.

Secure multi-location storage

We mitigate correlated risk by storing all backups in geographically separate locations to our main warehouse.

Redundancy as standard

Planhat is architected to ensure no system or device has a single point of failure. Data is always written to two locations when stored.

TLS in-transit

We deploy TLS 1.2 or 1.3 (browser dependent) on all HTTPS requests to ensure in-transit data remains private and secure.

AES-256 at-rest

We use AES 256-bit encryption to protect data at-rest.

Single sign-on (SSO)

Users can authenticate themselves into Planhat using SSO. Session length and time-based log-out restrictions can be configured to mitigate the probability of unauthorised access.

SAML

Planhat offers SAML 2.0 standard with Okta, Azure AD, GSuite, ADFS and Custom SSO. Across these, we support both Service Provider (SP) initiated and Identity Provider (IdP) initiated flows. Admins can configure whether to use IdP or both.

Login restrictions

Non-SAML users can restrict which login methods (Google SSO, Email login) are permitted in their workspace as an additional security layer.

Property-action permissions

Permission specific actions like view, create, update and export at the level of the individual object property. Allow different roles to access different subsets of your customer database by individual portfolio, team or specific customer segments.

Granular user roles

Create an infinite number of fully custom user roles with highly granular permissions on property access, features like customer conversations and revenue, and account portfolios. Restrict access to system-level privileges with designated Admins.

Distinct workspaces

Workspaces allow you to architect Planhat around specific use cases like new business sales, customer support and revenue operations. They foster privacy by showing your team what they need, and eliminating the rest.

SOC 2 Type II

Planhat’s exceptional security standards and policies have been independently validated in a SOC 2 Type II audit.

Reliable and secure infrastructure partners

Planhat uses Google Cloud Platform (GCP) and hosts services within its own secure cloud environment. Read about our partnership here.