Trust & Security
Security. Trust. Transparency.
That’s the PROS Promise – and we don’t make it lightly.
Our promise is built on a foundation
of secure technology, best practices,
trained personnel and compliance.
The PROS Constellation of TRUST
- Governance
- Risk Management
- Security
- Personnel
- Operations
We’ve purpose-built our solutions on profoundly secure platforms, then hired brilliant minds in security and trust to maintain them. PROS breathes trust because we believe robust security awareness enables us to offer you more services and better solutions – all to help your enterprise outperform.
From product to platform to physical security, PROS dials in the international standards and then asks: What else can we do?
- Our cloud utilizes strategically positioned data centers within the Global Microsoft Azure network to minimize latency and provide primary and secondary pairs for backup.
- We regularly test key controls, systems and procedures in our information security program to validate their effectiveness in addressing threats and risks.
- We conduct frequent internal audits, annual independent third party audits and risk assessments in order to continuously monitor the threat landscape.
- We base PROS Secure Development Lifecycle (SDL) on industry best practices and tailor it to fit the Agile methodology, including threat modeling, security testing at the code level to ensure vulnerabilities are identified early and regular vulnerability scanning of the PROS Cloud environment.
- We conduct penetration testing and perform a Final Security Review (FSR) of all security activities before software releases.
- We hand you full IT service management, including stack monitoring and operations, disaster recovery and capacity management – all with an application-level SLA.
Our secure architecture includes access control, multi-factor authentication, encryption and state-of-the-art defenses against cyber-attacks. PROS provides the security and availability features you demand of a mission-critical application:
- SOC2 and ISO 27001 certified environments with ITIL incident and change management.
- Strict enforcement of information security policies and annual security training for all employees.
- All customer instances and data logically isolated.
- PCI and HIPAA compliant environments available, if needed.
- Industry standard firewalls and intrusion detection/prevention.
We’ve implemented more than 900 solutions in 55 countries spanning 30+ industries. We know the rules and regulations, and we know how to protect your data in any context.
- GDPR compliant: adherence to the most rigorous set of international regulations set forth in General Data Protection Regulations.
- SOC2 certified: our internal controls are guaranteed secure, confidential and effective by the Trust Service Criteria.
- Master control matrix helps identify and unify security controls across multiple international and industry standards.
- ISO 27001 certified: complete compatibility with the global standard for asset and information security as specified by the International Organization for Standardization.
- Compliant with the CSA Star standard: the Cloud Security Alliance means a thorough, independent third-party auditor has assessed and approved PROS cloud security.
- Robust Business Continuity and Disaster Recovery planning, including system tests, training drills and continuous improvement exercises.
Security awareness is part of our DNA and each team member is a critical link. PROS has assembled a world-class team to ensure the most advanced, robust safety for your data. Our certifications include:
PROS Information Security for B2B: Secure Solutions You Can Rely On
PROS Attains ISO/IEC 27001 Certification for Information Security Management
Demonstrates Commitment, Accountability to SaaS Security; Helps Customers Make Informed Choices
Companies across the globe entrust PROS with their data, and ISO/IEC certification offers assurances to our customers that we are committed to data privacy and safeguarding their commercial assets in compliance with the industry’s most demanding standards and practices. For our customers around the world, ISO certification also underscores that our governance and compliance practices meet the highest international standards of data protection.