Keeping our clients' data secure is an absolute top priority at ClickUp. Our goal is to provide a secure environment, while also being mindful of application performance and the overall user experience.
ClickUp is hosted entirely on Amazon Web Services (AWS), providing end-to-end security and privacy features built in. Our team takes additional proactive measures to ensure a secure infrastructure environment.
For additional, more specific details regarding AWS security, please refer to https://aws.amazon.com/security/. We don't publicize exactly what features, services and data center regions/zones are used at ClickUp for security reasons, but we are able to provide a brief overview of our approach to securing your company's data.
AWS maintains an impressive list of reports, certifications, and third party assessments to ensure complete and ongoing state-of-the-art data center security. They have many years of experience in designing, constructing, and operating large-scale data centers.
AWS infrastructure is housed in Amazon-controlled data centers throughout the world. Only those within Amazon who have a legitimate business need to have such information know the actual location of these data centers, and the data centers themselves are secured with a variety of physical controls to prevent unauthorized access. It is safe to say Amazon is much better at physical security than we are capable of being, so we leave it to them.
ClickUp's infrastructure is hosted in a fully redundant, secured VPN environment, with access restricted to operations support staff only. This allows us to leverage complete firewall protection, private IP addresses, and other security features.
All ClickUp web application communications are encrypted over 256 bit SSL, which cannot be viewed by a third party and is the same level of encryption used by banks and financial institutions.
ClickUp maintains ongoing Level 1 PCI compliance, abiding by stringent industry standards for storing, processing and transmitting credit card information online.
ClickUp actively monitors ongoing security, performance and availability 24/7/365. We run automated security testing on an ongoing basis. We also contract a third party for penetration testing.