Security
Culture
Deltek’s CEO and executive team drive Deltek's commitment to the security of our products and services. By prioritizing security in our corporate initiatives and product roadmaps, Deltek is able to maintain a cohesive security strategy and awareness throughout the organization. We strive to take the lead on security by investing in our products, people and processes rather than just responding to security threats. Our Security Operations Team stays on top of emerging threats, while the Deltek Security Incident Response Team is ready to address any incidents should they occur.
Product & Service Development
Security professionals are engaged during the entire product and service lifecycle to ensure security requirements and secure coding align with the Open Web Application Security Project (OWASP) standard. Throughout the Software and Service Delivery Lifecycles, products undergo security, vulnerability, performance and functional testing. Additionally, teams receive security-related and compliance training.
Service & Support
Deltek’s team includes certified cloud and security experts. We invest in our people with continual learning, annual security and compliance training and other professional growth opportunities to ensure that the Deltek team is aligned on company security goals and strategy, while at the same time understanding industry trends.
Deltek employs role-based authentication controls to ensure that only authorized personnel and services can access the cloud computing infrastructure. Deltek Cloud Operations staff employ multi-factor authentication to verify their identity, which increases the protection of access credentials and minimizes the scope of privileged account access.
Software as a Service
Our security architecture in the Deltek Cloud provides threat detection, prevention and system monitoring controls throughout the SaaS service:
- Security Information & Event Management (SIEM) allows for active monitoring of system and application logs to identify potentially malicious activity, allowing for faster detection and incident response across the cloud environment
- Endpoint Protections such as anti-malware, anti-virus and host-intrusion prevention (HIPS) to actively identify, quarantine and remove malicious files
- Intrusion Detection and Prevention (IPS) combines firewalls and load balancers at the perimeter to provide a centralized and coordinated detection of network and application-layer threats
- Layered Firewalls – prevent and block distributed denial of service attacks and suspicious network traffic before it gets into the application environment
- Data Encryption protects customer data while in transit using TLS and at rest using AES 256-bit encryption
- Network Segmentation through technologies such as Virtual Private Clouds (VPC) or Virtual Networks help control and limit inbound and outbound network traffic to a defined path
- Deep Network Bandwidth protects against unexpected spikes in traffic
Monitoring
Deltek monitors for uptime and performance 24x7x365 to ensure our services meet the highest of standards: yours.
Deltek monitors every product, environment and layer of its Cloud infrastructure for anomalous traffic and activity. Frequent platform vulnerability scans combined with deep product, network and infrastructure vulnerability assessments ensure your data is better protected against today’s threats.