• Overview
    Key features
    • Observability
    • Auto-scaling
    • Multi-framework
    • Security
    Frameworks
    • Django
    • Next.js
    • Drupal
    • WordPress
    • Symfony
    • Magento
    • See all frameworks
    Languages
    • PHP
    • Python
    • Node.js
    • Ruby
    • Java
    • Go
  • Industries
    • Consumer Goods
    • Media/Entertainment
    • Higher Education
    • Government
    • Ecommerce
  • Pricing
  • Overview
    Featured articles
    • Switching to Platform.sh can help IT/DevOps organizations drive 219% ROI
    • Organizations, the ultimate way to manage your users and projects
  • Support
  • Docs
  • Login
  • Request a demo
  • Free Trial

Reliability at Platform.sh

Over 5,000 organizations work with Platform.sh, and they can all rely on a foundation of cloud security standards and vital security practices that work seamlessly to protect their personal information and sensitive data at scale.

Confidentiality

Certifications

Platform.sh is compliant with major security and privacy standards that ensure customer privacy, including the European GDPR, German BDSG, Canadian PIPEDA, the Australian Privacy Act, and HIPAA. We undergo an annual SOC 2 Type 2 audit over Security, Privacy, and Availability as well as an annual PCI DSS Level 1 audit for our regions hosted on Amazon Web Services, Microsoft Azure, and Google Cloud Platform.

Encryption

All customer application data in transit is encrypted by default. Plus, we only access data internally for support reasons at the customer’s request, or to fix or prevent an outage. We also maintain a list of Platform.sh employees with access to customer data, which is reviewed monthly.

Integrity

Automatic backups

Automatic backups can be set up on customer projects to prevent data loss.

Internal logging and monitoring

We log and monitor access and are alerted when potential threats to our containment model have been discovered.

Automatic updates

Platform.sh regularly updates its container images for the latest security updates from upstream providers. Don't worry, these updates aren't pushed automatically. Instead, the latest available version of every requested container is loaded on each deploy to a given environment. So, after a deployment, you are always guaranteed to run the latest version of a container.

Access control and audits

We automate and centralize our access control management and apply the principle of least privilege. Additionally, we audit our own access control lists monthly as a safeguard.

Availability

99.99% uptime

We understand even the slightest outage can have an incredible impact on business. Platform.sh provides everything you need to keep your applications and websites up and running through the use of our effective automated support system, backups, byte-for-byte clones of production environments, and an SLA of 99.99% uptime, so you can consistently give your audience the best digital experience possible, without sacrificing security.

Auto-scaling and DDos protection

Developers can leverage our built-in reverse proxy cache, TLS encryption on all connections, and optional Distributed Denial of Service prevention. And our orchestration system can automatically increase the resources of your production environment in minutes, so your apps and sites remain available even under the most stressful of traffic surges.

We're here to answer your questions

For high level compliance questions that are not answered in the trust center
Contact customer care
For detailed compliance questions including completing any compliance forms
Contact sales
Company
AboutSecurity and complianceTrust CenterCareersPressContact us
Thank you for subscribing!
  •  
Field required
Leader Winter 2023
System StatusPrivacyTerms of ServiceImpressumWCAG ComplianceAcceptable Use PolicyManage your cookie preferencesReport a security issue
© 2024 Platform.sh. All rights reserved.
Supported by Horizon 2020's SME Instrument - European Commission 🇪🇺