Physical data storage
Data is stored and replicated across state-of-the-art data centers operated by Amazon Web Services (AWS).
Regional data storage
Upon system setup, your data in the platform is stored in the data center associated with your region based on the address listed in your Order Form. However, you may choose an alternative storage region to suit your physical, legal, security, or performance needs. All data is encrypted during transmission and at rest within the regional data storage facility.
Our system is provided from the following regions:
- North America (US)
- North America (Canada)
- Europe (Germany)
- Asia Pacific (Tokyo)
- Asia Pacific (Singapore)
- Asia Pacific (Australia)
- South America (Brazil)
- Africa (South Africa)
- GovCloud (US Federal)
- GovCloud (US SLED)
All customer data, including data in backups, is stored exclusively in the single hosting region.
Exceptions
Some personally identifiable information in your licensed user profiles may be transferred to the United States region, including:
- First Name
- Last Name
- Email Address
Data Redundancy
All regional equipment is fully redundant, and data is replicated or backed up to alternate regional locations in case of failure.
In addition to this real-time redundancy, we back up all customer data, including field data and attached documents that are stored in your account within the system. A full backup of the entire system database is run hourly, daily, and weekly for a one-year period, for the purpose of restoring data integrity due to systemic or database failure, but not for the purpose of restoring user deleted data. As long as your subscription is active, your data will be backed up.
Data Availability
The maximum acceptable length of downtime for the service is 24 hours, even in the event of a disaster. The system recovery plan is tested to ensure this target can be met.
The maximum acceptable length of data loss is currently considered to be one hour, even in the event of disaster. Therefore, backup intervals are configured to allow for loss of customer data of one hour or less, depending on the time of system failure.
Data Retention
The system keeps all active or archived customer data continually when you have an active subscription, unless you choose to delete the data. You can determine:
- your own data retention controls for your active system
- the period for the retention of your data
- when you want to permanently delete data
System settings allow designated system administrators to configure a time period after which archived project data is automatically and permanently deleted, and also to permanently delete archived project data manually on an ad hoc basis.
The vast majority of customers with active subscriptions rely on us to retain their data. However, you may choose to extract data for your own offline records as a secondary measure for data retention.
Note: As long as your subscription is active, this step is redundant and not necessary. As an example, if you maintain an active subscription for ten years, you will have ten years of data within the system (unless you choose to delete it).
Extracting or backing up data
There are several ways customers (authorized managers or administrators) can extract data at any time:
- Project reports can be saved to your network in PDF or Excel format.
- Entire projects can be extracted in a single compressed zip file, containing all system reports, native attachments, and an activity log for the audit trail.
- The reporting application can be used to extract customer data in a variety of formats, including comma delimited, Excel, Word, or PDF, among other options.
Customers are responsible for ensuring that only appropriate users are accessing their system and are authorized to do so.
We perform backups of customer data, including field data and attached documents that are stored in your account within the system, on an hourly, daily, and weekly basis for a one-year period, for the purpose of restoring data integrity due to systemic or database failure.
Migrating data from another system
Migrating data from one customer data center to another can be a complex process. Although there is no automated process available, customers can:
- Hire a Diligent consultant to perform the migration tasks for their organization
- Perform the migration themselves by completing the procedure below
Most customers do not migrate in-progress projects. Best practice is to leave in-progress projects in the existing source system and start new projects in the new system.
Data Privacy
Customer data is considered confidential information and is handled securely by Diligent personnel. Customer data is never copied to assets outside the production environment, including employee laptops.
Any troubleshooting that needs to be performed on customer data is performed in the customer’s environment. When Diligent personnel need access to a customer environment, a ticket is generated indicating that Support accessed the instance, why the interaction was necessary, and what work was performed.
Actions by Diligent personnel on a customer’s system are limited to resolving the customer needs, and nothing more. Once a customer is satisfied with the result, and the ticket is closed, access is removed.
We collect only the minimum personally identifiable information necessary from your licensed users for purposes of account set-up, access to product resources, and system administration.
Data ownership
Customers own their data completely and are responsible for setting retention spans and for deleting unwanted content during the subscribed service and up to 30 days after termination or expiry of their subscription.
Customers are responsible for ensuring their data complies with applicable policies, regulations, and laws, and Diligent is responsible for ensuring the platform hosting customer data is secure.