Safety &

The ProjectManager security framework consists of standards and practices that form a multi-tiered approach to safeguarding data integrity and confidentiality and infrastructure and network stability. That means we embed best practices for industry compliance through internal processes along with regular reviews and audits to maintain the most up-to-date security practices and protocols. The ProjectManager (PM) Security Framework includes:

  • Application security
  • Network & infrastructure security
  • Data security
  • Organizational security
  • Cloud security
  • Industry compliance

The ProjectManager security processes support full redundancy, vulnerability management and business continuity plans.


Your data is securely encrypted. ProjectManager stores all customer data in Amazon AWS using industry standard best practices for encryption and access control. Information in transit is encrypted using SSL, and all encryption technologies are audited annually to ensure compliance to the most current standards.


We’ve partnered with Amazon Web Services (AWS), the world’s leading cloud hosting platform. Our information is restricted using access controls, and all data access functions are logged and audited. Customer data is replicated across multiple availability zones to ensure uptime, and Amazon’s powerful monitoring and security tools such as AWS Inspector, CloudWatch, and are used to monitor systems for security and reliability.

Disaster recovery & continuity

The ProjectManager service is deployed using infrastructure-as-a-service and is hosted across multiple availability zones within Amazon Web Services. We seamlessly deploy new servers and functionality to handle the growth of our service, and our team monitors the performance and behavior of our service continuously using DataDog and OpsGenie.


We safeguard customer privacy and confidentiality of sensitive information, and access to customer data is strictly limited to select personnel and only on an as-needed basis. Our privacy policy discloses the type of information we can collect and how we may use this information. We do not collect personally identifiable information unless voluntarily submitted by visitor to our sites or service.


The ProjectManager servers and cloud platform meet the following standards for certification, capability and compliance:

  • SOC-2 audit compliance
  • NIST CyberSecurity Framework

ProjectManager has selected Drata to monitor its compliance with SOC-2 Type 2 standards. We follow industry-standard guidelines for other frameworks including the NIST Cyber Security Framework, and we continually monitor our performance and capabilities to ensure that they meet relevant guidelines for security across the industry.

Trusted by 35,000+ users worldwide

Logos of companies that use ProjectManagerLogos of companies that use ProjectManager

Drata Security Evaluation

ProjectManager security report

ProjectManager partnered with Drata to monitor and evaluate our company security practices. View our Drata security report for more information and documentation.

View Drata report