Anaplan is built using the core principles of information security:
Data is always encrypted.
- Data in transit uses HTTPS with 2048-bit certificates, using TLS 1.2.
- Session key length is negotiated by the end-user browser, using the strongest available encryption.
- Data at rest is protected using AES-256 full disk encryption,
The following security and privacy-related frameworks, audits, and certifications are applicable to Anaplan:
- Service Organization Control (SOC) reports
- TRUSTe Privacy Seal
- EU – US Privacy Shield
- Cloud Security Alliance STAR
You can view Anaplan's Privacy Shield status.
Note: Anaplan only supports browsers that support the RFC-6455 WebSocket protocol. If your browser does not support this protocol, some features of Anaplan might be limited.