Security at WorkSpan
Awesome technology is only valuable when it is fully trusted and battle tested. WorkSpan has taken trust and security extremely seriously from the day we were founded. We continue to take that responsibility extremely seriously today. We respect your data as if it was our own and our teams work tirelessly to continue to earn that trust every day.
What You Can Expect
We look forward to earning your trust as well, so you and your organization can take advantage of the awesome technology WorkSpan provides to help you run your business and drive more revenue with your partner ecosystem!
Learn more about our certifications and security standards below. Of course, if you have questions, we’re always here to help.
WorkSpan Powers Secure Partner Ecosystems
Access Security
WorkSpan has sophisticated attribute-based access control for fine-grained security. Attribute-based access control is designed for the unique requirements of securing data over a network.
Fully SOC2 and GDPR compliant, WorkSpan has already passed the rigorous security reviews of the top technology companies in the world.
Data Security
WorkSpan comes with peace of mind. You decide data privacy policies once and then securely share joint opportunities, sales plans, solutions across your ecosystem with confidence.
You can even enable Privacy Mode to limit what's shown on your own screen when sharing over a conference call!
Program Security
WorkSpan helps partner professionals digitize, streamline, and report on large and varied ecosystems of partners.
Easily govern simple and complex partnering models, from "one-to-one" partnerships to "one-to-many" scaled channels, and "many-to-many" partner-to-partner motions.
Certifications
SOC II
WorkSpan strictly adheres to AICPA’s Trust Service Principles. Our SOC 2 report is unique to our business practices. WorkSpan undergoes a regular third-party audit to certify individual products against this standard.
For more information on WorkSpan’s SOC 2 certification, please send an email to privacy@workspan.com.
GDPR
WorkSpan can provide evidence for GDPR compliance—including requests for access of profile information, rectification, erasure, and portability requests. Email privacy@workspan.com for more information.
Our SOC 2 Tenets
Availability
WorkSpan takes immense pride in ensuring that we continue to meet our business objectives based on contracts and Service Level Agreements (SLAs). We take stringent measures, including disaster recovery, incident management, and change management, to ensure the operational readiness of information and systems.
Security
Security is serious business at WorkSpan. We are committed to the protection of information and systems resources against unauthorized access, theft, or misuse of the software. We enforce cutting edge protective measures, including multi-factor authentication, intrusion detection, and network & application firewalls.
Confidentiality
If data can be accessed and disclosed only to a specific set of persons or organizations, then it is confidential. WorkSpan enforces rigorous safeguards to ensure that your confidential data stays that way. We bring to bear fail-secure guards including attribute-based access control and data encryption.
A SOC 2 report is ideal for SaaS and cloud service organizations that want to assure customers that their information is secure and will be available whenever needed. A SOC 2 report also helps organizations to establish the effectiveness of any controls that may be required by their governance process. Enterprises view SOC 2 compliance as a critical requirement when considering a SaaS provider. We cannot overstate the importance of WorkSpan attaining this certification.For more information on WorkSpan’s SOC 2 certification, please send an email to privacy@workspan.com.
For more information on WorkSpan’s SOC 2 certification, please send an email to privacy@workspan.com.
We Take GDPR Seriously.
1. Right to access:
You can access your personal profile and communication preferences via a secure page on WorkSpan.
2. Right to rectification:
You can update your personal profile and communication preferences via a secure page on WorkSpan.
3. Right of erasure:
You can request that we erase some or all of your personal data from our systems.
4. Right to portability:
You can request an export of your personal data.
5. Right to object:
You can contact us to let us know that you object to the further use or disclosure of your data for certain purposes.
Data Security With Zero Compromises
Data is stringently protected via encryption:
- Data in flight is secured via 128 bit TLS 1.2 using AES_128_GCM with ECDHE_RSA key exchange.
- For Data at rest, each cloud storage object’s data and metadata is encrypted under the 256-bit Advanced Encryption Standard (AES-256).
- Record Level: Selectively share specific records with your partner companies, specific users in the partner companies, or within your company.
- Field Level: WorkSpan’s extensible architecture enables you to add shared and private fields. Private fields are only viewable to people in your own company. Shared fields allow you to share the data with your partner teams.
- Owner Mode: Most restrictive mode, where only the owner can share the data.
- Example: Only the owner can add new users or companies, and set the company flags for employees to find and request to join.
- Partner Mode: Delegate the sharing to other member users, facilitating seamless collaboration.
- Example:All members can share with new users and companies. However, they can only grant access level equivalent to or below the access level that the member has.
- Network Mode: Broadcast to all companies on the network.
- Example: All members can share with new users and companies. However, they can only grant access level equivalent to or below the access level that the member has. In addition, any user from any company on the WorkSpan Network can discover and request to join.
Your Privacy Will Always Be Protected.
- Create and manage user profiles
- Communicate with you about the services
- Enable communication and collaboration between users of the services
- Contact you about service announcements, updates, or offers
- Provide support and assistance for the services
- Provide your employer or sponsoring organization with information about your usage of the services
- Personalize content and communications based on your preferences
- Meet contract or legal obligations
- Respond to user inquiries
- Fulfill user requests
- Comply with our legal or contractual obligations
- Resolve disputes
- Protect against or deter fraudulent, illegal, or harmful actions
- Enforce our Terms of Service
- Name (required)
- Work email address (required)
- Profile picture (optional)
- User added content (which may include personal data if you include personal data in such content)