Trust Scaled Agile, Inc. to meet your security and data compliance requirements
Our comprehensive approach to security covers governance, risk management, and compliance for infrastructure, applications, and data. This includes encryption at rest, logical segregation and privacy, SSLv3/TLS encryption, multi-factor authentication, secure data backups and storage, administrative access control, security testing, and session monitoring and logging.
Our enterprise security program addresses security concerns at all layers of the security stack.
SAFe® applications leverage best-in-class service providers to ensure your data remains private, available, and secure. Our applications are built on Salesforce and Amazon Web Services (AWS) infrastructures, which maintain over 143 security standards and certifications such as PCI-DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171.
Scaled Agile conducts penetration testing for all its applications on an annual basis. Testing is carried out by an independent third-party testing partner and is certified by an Offensive Security Certified Professional (OSCP).
Scaled Agile provides each user in your organization with a unique username and password that must be entered each time a user logs in. MFA is available for your users should you choose to configure it. Only a customer-designated administrator has the authority to manage login accounts under the customer’s subscription.
Trust Scaled Agile to meet your security and data compliance requirements.
Scaled Agile protects sensitive information using FIPS 140-2 compliant encryption methods to ensure that your data is safe, secure, and available only to registered users in your organization. All connections to SAFe services require TLS encryption, and data at rest is encrypted at the platform or field level.
Scaled Agile adheres to the principle of least privilege in its application environments: employees are only authorized to access data that they reasonably must handle in order to fulfill their current job responsibilities.
Excessive privilege audits are conducted to minimize the risk of unnecessary access to customer data.
Security by design
Our security model follows SSDLC best practices to ensure security and privacy of customer data are considered as part of the software development lifecycle, not as an afterthought.
Scaled Agile is committed to providing high availability, even amidst difficult circumstances.
All employees and contractors complete initial and ongoing security and privacy awareness training to help minimize the risk of security incidents and data breaches. Scaled Agile retains 24×7 third-party incident response experts and maintains formal IR procedures that are tested annually to ensure that our organization is well-prepared to address potential security incidents.
Scaled Agile conducts annual disaster recovery and business continuity planning exercises to ensure that organizational functions can continue to operate during a declared disaster. Whether it is a manmade or natural disaster causing interruptions, Scaled Agile is committed to providing continuous service to our customers.
Backup and recovery
Backups of all customer data occur at least daily and are stored in an immutable format independent of production environments. The Scaled Agile backup and recovery program ensures that backups are tested for integrity and availability so you can be confident your data can be restored in the event of corruption or loss.
Still want to know more about our security program? Reach out to us, and we’ll connect you with our information security team.
Monitoring and logging
Scaled Agile continuously monitors and logs all security information related to application usage to support incident response, troubleshooting, and customer compliance requirements.
SAFe Enterprise is a system of knowledge, tools, and practices essential to successfully scale Agile across the enterprise. SAFe Enterprise bundles the critical components of learning, adapting, and practicing SAFe into a single platform, accessible to leaders and teams anytime, anywhere. With SAFe Enterprise, organizations now have the tools they need to start an Agile transformation, put SAFe to work every day, and make the transformation stick.
For over a decade, the Scaled Agile Framework® (SAFe®) has been the world’s leading framework for business agility. Today, SAFe is in its fifth iteration and has been adopted by more than 20,000 enterprises across the globe.