Planhat | Security

Protocols,
not protections.

The infinite frontier

To us, Security means eliminating every possible threat to data while it is within – or interacting with – Planhat. Since both our technologies and the threats to them are evolving continuously, our Security approach is equally continuous and proactive – underpinned by robust protocols rather than static protections. For this reason, every Planhat user benefits from always-on, enterprise-grade Security – ranging from 24/7 threat monitoring through to granular field-level permissions across role or team.

Protocols, not protections.

The infinite frontier

To us, Security means eliminating every possible threat to data while it is within – or interacting with – Planhat. Since both our technologies and the threats to them are evolving continuously, our Security approach is equally continuous and proactive – underpinned by robust protocols rather than static protections. For this reason, every Planhat user benefits from always-on, enterprise-grade Security – ranging from 24/7 threat monitoring through to granular field-level permissions across role or team.

Protocols, not protections.

The infinite frontier

To us, Security means eliminating every possible threat to data while it is within – or interacting with – Planhat. Since both our technologies and the threats to them are evolving continuously, our Security approach is equally continuous and proactive – underpinned by robust protocols rather than static protections. For this reason, every Planhat user benefits from always-on, enterprise-grade Security – ranging from 24/7 threat monitoring through to granular field-level permissions across role or team.

secure

Your built-in contingency plan.

Planhat maintains best-in-class data security protocols across both platform and services. We provide constant monitoring, enterprise-grade SIRP and dedicated security support as standard.

24/7 Monitoring

Planhat uses an industry standard security solution to monitor all systems 24/7 and trigger alerts based on event logs. Our global team is on-call to address threats and resolve incidents as soon as they arise.

Dedicated Security Team

Planhat has a dedicated squad of security specialists as part of its global platform team. They conduct regular security reviews and risk assessments and can provide targeted protocols and SLAs to meet unique security needs.

Reliable and secure infrastructure partners

Planhat uses Google Cloud Platform (GCP) and hosts services within its own secure cloud environment. Read about our partnership here.

ISO27001

Planhat’s exceptional security standards and policies have been independently validated in a ISO27001 audit.

Robust SIRP

Planhat has developed an Incident Response Plan to manage security events with efficiency and precision. Critical issues are addressed immediately, while less pressing concerns are prioritized for resolution within our standard development and release cycles.

secure

Your built-in contingency plan.

Planhat maintains best-in-class data security protocols across both platform and services. We provide constant monitoring, enterprise-grade SIRP and dedicated security support as standard.

24/7 Monitoring

Planhat uses an industry standard security solution to monitor all systems 24/7 and trigger alerts based on event logs. Our global team is on-call to address threats and resolve incidents as soon as they arise.

Dedicated Security Team

Planhat has a dedicated squad of security specialists as part of its global platform team. They conduct regular security reviews and risk assessments and can provide targeted protocols and SLAs to meet unique security needs.

Reliable and secure infrastructure partners

Planhat uses Google Cloud Platform (GCP) and hosts services within its own secure cloud environment. Read about our partnership here.

ISO27001

Planhat’s exceptional security standards and policies have been independently validated in a ISO27001 audit.

Robust SIRP

Planhat has developed an Incident Response Plan to manage security events with efficiency and precision. Critical issues are addressed immediately, while less pressing concerns are prioritized for resolution within our standard development and release cycles.

secure

Your built-in contingency plan.

Planhat maintains best-in-class data security protocols across both platform and services. We provide constant monitoring, enterprise-grade SIRP and dedicated security support as standard.

24/7 Monitoring

Planhat uses an industry standard security solution to monitor all systems 24/7 and trigger alerts based on event logs. Our global team is on-call to address threats and resolve incidents as soon as they arise.

Dedicated Security Team

Planhat has a dedicated squad of security specialists as part of its global platform team. They conduct regular security reviews and risk assessments and can provide targeted protocols and SLAs to meet unique security needs.

Reliable and secure infrastructure partners

Planhat uses Google Cloud Platform (GCP) and hosts services within its own secure cloud environment. Read about our partnership here.

ISO27001

Planhat’s exceptional security standards and policies have been independently validated in a ISO27001 audit.

Robust SIRP

Planhat has developed an Incident Response Plan to manage security events with efficiency and precision. Critical issues are addressed immediately, while less pressing concerns are prioritized for resolution within our standard development and release cycles.

secure

Your built-in contingency plan.

Planhat maintains best-in-class data security protocols across both platform and services. We provide constant monitoring, enterprise-grade SIRP and dedicated security support as standard.

24/7 Monitoring

Planhat uses an industry standard security solution to monitor all systems 24/7 and trigger alerts based on event logs. Our global team is on-call to address threats and resolve incidents as soon as they arise.

Dedicated Security Team

Planhat has a dedicated squad of security specialists as part of its global platform team. They conduct regular security reviews and risk assessments and can provide targeted protocols and SLAs to meet unique security needs.

Reliable and secure infrastructure partners

Planhat uses Google Cloud Platform (GCP) and hosts services within its own secure cloud environment. Read about our partnership here.

ISO27001

Planhat’s exceptional security standards and policies have been independently validated in a ISO27001 audit.

Robust SIRP

Planhat has developed an Incident Response Plan to manage security events with efficiency and precision. Critical issues are addressed immediately, while less pressing concerns are prioritized for resolution within our standard development and release cycles.

PROTECTED

Data made indestructible.

Planhat stores all your data in secure, distributed, and fully redundant databases through scheduled daily and intraday backups. Our encryption protocol – in transit and at rest – is virtually impenetrable.

SOC 2 Type II

Planhat’s is SOC 2 Type II certified, guaranteeing protection of sensitive data and adherence to global regulatory requirements.

Daily & Intraday Backup

Put nothing at risk with near-continuous backup of your entire Planhat environment and database.

Secure Multi-Location Storage

We mitigate correlated risk by storing all backups in geographically separate locations to our main warehouse.

Redundancy as Standard

Planhat is architected to ensure no system or device has a single point of failure. Data is always written to two locations when stored.

TLS in-transit

Planhat forces HTTPS on all connections and encrypts data in-transit with TLS 1.2 or 1.3 (browser dependent) to ensure in-transit data remains private and secure.

AES-256 at-rest

All data at-rest is secured using AES 256-bit encryption, a best-in-class standard designed to safeguard sensitive information.

PROTECTED

Data made indestructible.

Planhat stores all your data in secure, distributed, and fully redundant databases through scheduled daily and intraday backups. Our encryption protocol – in transit and at rest – is virtually impenetrable.

SOC 2 Type II

Planhat’s is SOC 2 Type II certified, guaranteeing protection of sensitive data and adherence to global regulatory requirements.

Daily & Intraday Backup

Put nothing at risk with near-continuous backup of your entire Planhat environment and database.

Secure Multi-Location Storage

We mitigate correlated risk by storing all backups in geographically separate locations to our main warehouse.

Redundancy as Standard

Planhat is architected to ensure no system or device has a single point of failure. Data is always written to two locations when stored.

TLS in-transit

Planhat forces HTTPS on all connections and encrypts data in-transit with TLS 1.2 or 1.3 (browser dependent) to ensure in-transit data remains private and secure.

AES-256 at-rest

All data at-rest is secured using AES 256-bit encryption, a best-in-class standard designed to safeguard sensitive information.

PROTECTED

Data made indestructible.

Planhat stores all your data in secure, distributed, and fully redundant databases through scheduled daily and intraday backups. Our encryption protocol – in transit and at rest – is virtually impenetrable.

SOC 2 Type II

Planhat’s is SOC 2 Type II certified, guaranteeing protection of sensitive data and adherence to global regulatory requirements.

Daily & Intraday Backup

Put nothing at risk with near-continuous backup of your entire Planhat environment and database.

Secure Multi-Location Storage

We mitigate correlated risk by storing all backups in geographically separate locations to our main warehouse.

Redundancy as Standard

Planhat is architected to ensure no system or device has a single point of failure. Data is always written to two locations when stored.

TLS in-transit

Planhat forces HTTPS on all connections and encrypts data in-transit with TLS 1.2 or 1.3 (browser dependent) to ensure in-transit data remains private and secure.

AES-256 at-rest

All data at-rest is secured using AES 256-bit encryption, a best-in-class standard designed to safeguard sensitive information.

PROTECTED

Data made indestructible.

Planhat stores all your data in secure, distributed, and fully redundant databases through scheduled daily and intraday backups. Our encryption protocol – in transit and at rest – is virtually impenetrable.

SOC 2 Type II

Planhat’s is SOC 2 Type II certified, guaranteeing protection of sensitive data and adherence to global regulatory requirements.

Daily & Intraday Backup

Put nothing at risk with near-continuous backup of your entire Planhat environment and database.

Secure Multi-Location Storage

We mitigate correlated risk by storing all backups in geographically separate locations to our main warehouse.

Redundancy as Standard

Planhat is architected to ensure no system or device has a single point of failure. Data is always written to two locations when stored.

TLS in-transit

Planhat forces HTTPS on all connections and encrypts data in-transit with TLS 1.2 or 1.3 (browser dependent) to ensure in-transit data remains private and secure.

AES-256 at-rest

All data at-rest is secured using AES 256-bit encryption, a best-in-class standard designed to safeguard sensitive information.

PRIVATE

Hidden in plain sight.

Planhat supports SSO, SAML and advanced login configurations, and allows you to restrict access down to individual fields by role, team and portfolio. We’re committed to industry-leading compliance standards.

GDPR & CCP compliance

Committed to compliance with Europe’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Login Restrictions

Non-SAML users can restrict which login methods (Google SSO, Email login) are permitted in their workspace as an additional security layer.

SAML

Planhat offers SAML 2.0 standard with Okta, Azure AD, GSuite, ADFS and Custom SSO. Across these, we support both Service Provider (SP) initiated and Identity Provider (IdP) initiated flows. Admins can configure whether to use IdP or both.

Single sign-on (SSO)

Users can authenticate themselves into Planhat using SSO. Session length and time-based log-out restrictions can be configured to mitigate the probability of unauthorized access.

Property-action permissions

Permission specific actions like view, create, update and export at the level of the object, all the way down to individual object properties. Allow different roles to access different subsets of your customer database by individual portfolio, team or specific customer segments.

Granular user roles

Create an infinite number of fully custom user roles with highly granular permissions on property access, features like customer conversations and revenue, and account portfolios. Restrict access to system-level privileges with designated Admins.

PRIVATE

Hidden in plain sight.

Planhat supports SSO, SAML and advanced login configurations, and allows you to restrict access down to individual fields by role, team and portfolio. We’re committed to industry-leading compliance standards.

GDPR & CCP compliance

Committed to compliance with Europe’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Login Restrictions

Non-SAML users can restrict which login methods (Google SSO, Email login) are permitted in their workspace as an additional security layer.

SAML

Planhat offers SAML 2.0 standard with Okta, Azure AD, GSuite, ADFS and Custom SSO. Across these, we support both Service Provider (SP) initiated and Identity Provider (IdP) initiated flows. Admins can configure whether to use IdP or both.

Single sign-on (SSO)

Users can authenticate themselves into Planhat using SSO. Session length and time-based log-out restrictions can be configured to mitigate the probability of unauthorized access.

Property-action permissions

Permission specific actions like view, create, update and export at the level of the object, all the way down to individual object properties. Allow different roles to access different subsets of your customer database by individual portfolio, team or specific customer segments.

Granular user roles

Create an infinite number of fully custom user roles with highly granular permissions on property access, features like customer conversations and revenue, and account portfolios. Restrict access to system-level privileges with designated Admins.

PRIVATE

Hidden in plain sight.

Planhat supports SSO, SAML and advanced login configurations, and allows you to restrict access down to individual fields by role, team and portfolio. We’re committed to industry-leading compliance standards.

GDPR & CCP compliance

Committed to compliance with Europe’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Login Restrictions

Non-SAML users can restrict which login methods (Google SSO, Email login) are permitted in their workspace as an additional security layer.

SAML

Planhat offers SAML 2.0 standard with Okta, Azure AD, GSuite, ADFS and Custom SSO. Across these, we support both Service Provider (SP) initiated and Identity Provider (IdP) initiated flows. Admins can configure whether to use IdP or both.

Single sign-on (SSO)

Users can authenticate themselves into Planhat using SSO. Session length and time-based log-out restrictions can be configured to mitigate the probability of unauthorized access.

Property-action permissions

Permission specific actions like view, create, update and export at the level of the object, all the way down to individual object properties. Allow different roles to access different subsets of your customer database by individual portfolio, team or specific customer segments.

Granular user roles

Create an infinite number of fully custom user roles with highly granular permissions on property access, features like customer conversations and revenue, and account portfolios. Restrict access to system-level privileges with designated Admins.

PRIVATE

Hidden in plain sight.

Planhat supports SSO, SAML and advanced login configurations, and allows you to restrict access down to individual fields by role, team and portfolio. We’re committed to industry-leading compliance standards.

GDPR & CCP compliance

Committed to compliance with Europe’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Login Restrictions

Non-SAML users can restrict which login methods (Google SSO, Email login) are permitted in their workspace as an additional security layer.

SAML

Planhat offers SAML 2.0 standard with Okta, Azure AD, GSuite, ADFS and Custom SSO. Across these, we support both Service Provider (SP) initiated and Identity Provider (IdP) initiated flows. Admins can configure whether to use IdP or both.

Single sign-on (SSO)

Users can authenticate themselves into Planhat using SSO. Session length and time-based log-out restrictions can be configured to mitigate the probability of unauthorized access.

Property-action permissions

Permission specific actions like view, create, update and export at the level of the object, all the way down to individual object properties. Allow different roles to access different subsets of your customer database by individual portfolio, team or specific customer segments.

Granular user roles

Create an infinite number of fully custom user roles with highly granular permissions on property access, features like customer conversations and revenue, and account portfolios. Restrict access to system-level privileges with designated Admins.

Trusted by global industry leaders

FAQ

Do you encrypt data both in transit and in rest?

Is there an Incident Response Plan in place?

How often is my data backed up?

Do you have a defined Business Continuity and Disaster Recovery (BCDR) Plan?

Do you have a Data Processing Agreement (DPA) in place?

Do you use sub-processors?

Do you conduct employee security awareness training?

What security compliance standards do you follow?

Is Planhat GDPR compliant?

Do you conduct third-party penetration testing?

Do you have a VDP?

Do you encrypt data both in transit and in rest?

Is there an Incident Response Plan in place?

How often is my data backed up?

Do you have a defined Business Continuity and Disaster Recovery (BCDR) Plan?

Do you have a Data Processing Agreement (DPA) in place?

Do you use sub-processors?

Do you conduct employee security awareness training?

What security compliance standards do you follow?

Is Planhat GDPR compliant?

Do you conduct third-party penetration testing?

Do you have a VDP?

FAQ

Do you encrypt data both in transit and in rest?

Is there an Incident Response Plan in place?

How often is my data backed up?

Do you have a defined Business Continuity and Disaster Recovery (BCDR) Plan?

Do you have a Data Processing Agreement (DPA) in place?

Do you use sub-processors?

Do you conduct employee security awareness training?

What security compliance standards do you follow?

Is Planhat GDPR compliant?

Do you conduct third-party penetration testing?

Do you have a VDP?

FAQ

Do you encrypt data both in transit and in rest?

Is there an Incident Response Plan in place?

How often is my data backed up?

Do you have a defined Business Continuity and Disaster Recovery (BCDR) Plan?

Do you have a Data Processing Agreement (DPA) in place?

Do you use sub-processors?

Do you conduct employee security awareness training?

What security compliance standards do you follow?

Is Planhat GDPR compliant?

Do you conduct third-party penetration testing?

Do you have a VDP?

Security

Security

Security

Protocols,not protections.

Protocols, not protections.

Protocols, not protections.

Your built-in contingency plan.

Your built-in contingency plan.

Your built-in contingency plan.

Your built-in contingency plan.

Data made indestructible.

Data made indestructible.

Data made indestructible.

Data made indestructible.

Hidden in plain sight.

Hidden in plain sight.

Hidden in plain sight.

Hidden in plain sight.

Trusted by global industry leaders

FAQ

FAQ

FAQ

Protocols,
not protections.