Enterprise security

The industry’s highest security and privacy tools are built into Workfront project management software so you know your data — and your customer’s data — are protected.


Enterprise-gradient security for your business-critical data.

It’s more than ones and zeroes. It’s your business-critical data and your customers’ personal information. It’s contractual obligations, industry regulations and we’re serious about protecting it.

We built Workfront’s data privacy programme on industry recognised standards, including the ISO 27000 series of standards and the AICPA’s Trust Services Principles. Role-based permissions ensure that the right data is accessible to the people who need it and built-in safeguards help you to meet legal regulations such as GDPR and CCPA, as well as contractual and organisational regulations.


See what makes it work.

Industry-recognised encryption
Workfront uses AES 256-bit encryption to protect data at rest in backend data shops and TLS 1.2 (or higher) to protect data in transit.

Application penetration testing
Workfront conducts annual penetration testing through advanced third-party organisations following industry standards. We also vet our applications against OWASP’s Top 10.

Data location and redundancy
Workfront’s products are hosted both on Amazon Web Services (AWS) and Google Cloud Platform (GCP), whose environments are built with with the ability to distribute documents and servers between various physical locations, allowing for effective redundancy and protection against disaster.

Role-based access
Access to production systems and data is restricted to vetted, authorised personnel based on roles and using principles of least privilege and multiple authentication factors. Access to data is logged and monitored.

Data storage and isolation
Data is always stored properly — either encrypted at rest in our backend databases or as an object store in the cloud.

Single sign on
Workfront simplifies access control with integrations that plug into the most popular SSO solutions, including LDAP, Active Directory and other Federated solutions that support SAML 1.1/2.0.

Workfront has both a SOC2 Type 2 attestation and ISO 27001 certification.

To learn more about these or to get a copy of these artefacts, please contact your Workfront account executive.

Learn more