Maindeck Security dry-docking management software banner

Security

At Maindeck, we understand that the confidentiality, integrity, and availability of your data is vital to your business, and we take our responsibility to protect it very seriously.



Application security

Visibility and control of all project access
Maindeck has implemented strict permission levels so you can control who has access to your projects.

Industry leading encryption in transit
All data transfers from a device to Maindeck's secure cloud with industry standard 2048-bit SSL encryption.

Secure authentication
Passwords are stored and transmitted securely and hashed using a strong salt. Maindeck's public enterprise API utilizes the industry-standard authorization protocol OAuth 2.0.

Automated vulnerability detection
All Maindeck applications are scanned weekly for vulnerabilities, including but not limited to OWASP Top 10.

Protection against application attacks
Maindeck uses controls and technologies to prevent attackers from exploiting application-level vulnerabilities.



Infrastructure security

Strict access control policies
Access to customer data internally is limited and provided only when absolutely required or requested by the customer. Code repositories are protected using multifactor authentication.

Risk mitigation
Document uploads are restricted to specific file types to prevent malicious code from being executed on clients or on our cloud hosting machines.View the full list of supported file types.

Secrets management
Maindeck uses SaaS industry standard processes for managing and storing encryption keys.

Automated vulnerability detection
Maindeck's infrastructure is scanned daily for vulnerable packages.

DoS and DDoS protection
Maindeck's applications and infrastructure are protected against Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, ensuring our high uptime.

Multifactor authentication
Access to the production environment is restricted to a few authorized Maindeck personnel. Multifactor authentication is always required to access production systems.



Physical security

Highly secure cloud
Maindeck hosts data in Google data centers, which is an industry leader in secure hosting facilities management. Read more about security at Google.

Access to Google data centers requires multi-factor authentication, and all access is logged. Logs are routinely audited. Professional security staff are present at the data centers 24/7. Uninterruptible Power Supplies prevent downtime and backup generators are installed in every data center.



Available worldwide

World-class cloud service you can count on
Maindeck's SLA ensures 99.5% uptime for services. Databases and infrastructure are available in multiple countries worldwide, allowing resilience in the face of natural disasters or service interruptions.



Compliance

Application and data portability
Maindeck provides well documented and easily accessible interfaces to help ensure customer data is not 'locked in' and that the cost for moving to another cloud provider is minimal.

Third party security assessments
Maindeck's applications are tested using industry leading vendors.

Continuous Education
All Maindeck employees are trained on security best practices at time of hire and are re-trained annually.

Third party vendor review
Our vendors work just as hard as we do to ensure your data is safe and secure. All third party vendors are audited for compliance with Maindeck's security standards.