1. Administration and security
  2. Security

Details the security methods, encryption, and certifications used by Anaplan.

You can control how users access Anaplan data through standard web-based login and Single Sign-on. The logout and timeout behaviors ensure users know they've successfully logged out and ensure Anaplan is not left idle and unattended for too long.

Encryption

Data in Anaplan is encrypted using one of the following methods, depending on the status of the data.

  • Data in transit uses HTTPS with 2048-bit certificates, using TLS 1.2.
  • The session key length is negotiated by the user's browser, which uses the strongest available encryption.
  • Data at rest uses AES-256 full disk encryption.

Certifications

The following security and privacy-related frameworks, audits, and certifications are applicable to Anaplan:

  • Service Organization Control (SOC) reports
  • TRUSTe Privacy Seal
  • EU – US Privacy Shield
  • Cloud Security Alliance STAR

See our Privacy Shield status on the Privacy Shield Framework website(opens external page).

Anaplan only supports browsers that use the RFC-6455 WebSocket protocol. If your browser does not support this protocol, some features of Anaplan might be limited. See the Browser Support page for further details.

Disclaimer

We may update our documentation occasionally, but will only do so in a way that does not negatively affect the features and functionality of the Anaplan service.