Cloud Software Security

Viewpath.com data security

Viewpath understands the projects you build and data you enter into our platform are core to your company’s future and competitive advantage.

We provide 128-bit SSL (Secure Socket Layer) encryption technology for all users logged into the Viewpath application. Viewpath is compatible with the current versions of Chrome, Firefox, Internet Explore, and Safari. All data transmitted between Viewpath and the user’s computer is fully encrypted during the entire login session.

Data facilities & infrastructure

The Viewpath application is hosted on the Google App Engine. The Google App Engine has successfully completed the audit process for the latest SSAE 16 Type II and ISAE 3402 Type II standards. This is addition to SAS 70 Type II audits (since 2008) that were conducted prior to June 15, 2011. These protections are highlighted in the Google security white paper and the Google data center video tour.

The Viewpath corporate site (including the application sign-up process for new customers) is hosted on dedicated servers at state-of-the-art facilities managed by Microsoft Azure. Azure is the only major cloud platform ranked by Gartner as an industry leader for both infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS).

In May 2009, Anitian Enterprise Security, a third-party security firm, thoroughly tested the data protection measures Viewpath uses on its dedicated servers. Viewpath also successfully completed rigorous security reviews in 2010, 2014 and 2015 which Salesforce.com requires before any application is allowed as a listing on the Salesforce App Exchange.

Payment transactions for the paid versions of Viewpath are processed through Zuora, a leading provider of subscription billing services. Zuora manages the subscription billing for many security-minded companies and maintains the very high standards required to meet Payment Card Industry (PCI) compliance.

Azure Security Controls and Capabilities

Azure delivers a trusted foundation on which customers can design, build and manage their own secure cloud applications and infrastructure.

  • 24 hour monitored physical security. Datacenters are physically constructed, managed, and monitored to shelter data and services from unauthorized access as well as environmental threats.
  • Monitoring and logging
  • Patching
  • Antivirus/Antimalware protection
  • Intrusion detection and DDoS
  • Zero standing privileges
  • Isolation
  • Azure Virtual Networks
  • Encrypted communications

Your organization’s data is protected

Viewpath ensures information is kept secure and private by preventing unauthorized users from accessing your data. Our security mechanisms restrict access to project data to all users except those to whom you have granted project visibility.

User access levels

  • Each user enters a unique username and password at the start of each Viewpath session. All passwords are stored in encrypted MD-5 hash format.
  • Viewpath secures user IDs, passwords and other user information so they’re never jeopardized.
  • Viewpath's resource access mechanisms ensure data access and user actions can be limited by each user's access level in each project.
  • Project managers have the capability to assign access levels in their projects to specific users and grant them permissions as required.