SECURITY & CONTROLS

A safe and sound solution

As an Amazon Web Services Advanced Technology Partner, Crownpeak meets the highest industry standards for security and regulatory compliance.

Learn more

Play it safe

We take the security of your data seriously

Protecting the safety and integrity of an organization's data is critical to our success. As an enterprise web content and Digital Experience Management platform used by many of the world’s largest companies including those operating in very high regulated environments, we apply system and data security protections at all layers of the technology stack.

web security seatbelt

Safety first

Encrypted at every turn

Using inheritance-based access control lists (ACLs), administrators can define access rules for all the content managed by Crownpeak. Data is encrypted in transit throughout the Crownpeak Platform; encryption for data at rest is also available. All storage is wiped to US DoD 5220.22-M or NIST 800-88 standards both before it is provisioned for use by the Crownpeak Platform and after it is released.

Roped barrier

Functional security

You dictate who gets access

Group-based ACLs are defined to partition and regulate the functions any given group can perform. Users must have access to both the asset and the particular function they wish to carry out before they can perform any action on any asset.

Workflow security

Grant permissions based on workflows

You can configure as many workflow and approval streams as necessary to support the governance rules of your company. Every asset within the Crownpeak platform repository is subject to one of the defined workflows, which further restricts when, how and by whom it may be manipulated.

jump through hoops compliance

Regulatory compliance

We jump through the hoops so you don’t have to

In order to serve the wide variety of needs for some of the world’s largest corporations, Crownpeak utilizes technologies and processes that meet the highest industry standards for security and regulatory compliance.

Our certifications

  • FISMA (Low – NIST 800-53)
  • FISMA (Moderate – NIST 800-53)
  • TRUSTe Cloud Privacy
  • US-EU Safe Harbor
  • US-Swiss Safe Harbor
  • Amazon Web Services
  • SSAE 16 SOC 1 Type 2
  • SSAE 16 SOC 2 Type 2
  • ISAE 3402 - FedRAMP
  • NIST 800-37 - DIACAP
  • PCI DSS Level 1
  • ISO27001
  • FIPS 140-2
Positioned as a visionary three years in a row.
2016 Gartner Magic Quadrant for Web Content Management.
Download the report