• Does Planview perform security awareness training for its employees, contractors, etc?

    Absolutely. Planview understands, in many cases, the best defense against cyber-attacks is the person behind the keyboard. As a result, at least annually, a formal security awareness training is held with an assessment at the completion to ensure the content was understood. Additionally, other avenues (blog posts, company messages, etc.) are utilized throughout the year to provide relevant information about recent trends in the information security world.

  • Who can access customer data?

    Role-based access is utilized to limit employee access to customer data. Access is reviewed regularly and removed upon an employee’s departure. Physical access to systems, where possible, is also restricted to only those who require it.

  • Do you perform vulnerability scans / penetration testing?

    Planview believes security by design and default isn’t just a saying. We test it regularly. Vulnerability scans are performed monthly, at a minimum. Additionally, Planview engages with an independent third party to perform rigorous penetration testing on each of its products on an annual basis.

  • Will Planview provide test results?

    Detailed test results tend to contain information which would be considered confidential (ex. Hostnames, internal IP addresses, usernames, etc). That being said, Planview can provide executive summaries of its annual penetration tests under a non-disclosure agreement.

  • How does Planview manage change to its products?

    Planview adheres to a rigorous change management policy and process which is aligned with the ISO 27001 standards and audited annually. As part of this, Planview has a Change Advisory Board (CAB) which approves changes prior to deployment. Planview maintains separate (non-production) environments which are used to perform numerous tests prior to deploying changes to production.

  • How do I report a security breach or incident?

    Planview provides support services to ensure that customers can easily report issues to the appropriate contacts:

    For Planview Portfolios, AgilePlace, and PPM Pro, please visit https://support.planview.com, click Submit Case, work through the steps to select the product and version as applicable, and then choose Security in the Type drop-down list.

    For AgilePlace, visit https://success.planview.com/Planview_AgilePlace/Support, click the Submit a Case link, and select Security in the Type drop-down list.

    For ProjectPlace, visit https://success.planview.com/Projectplace/Projectplace_Support, click the Submit a Case link, and select Incident in the Type drop-down list.