Securing Our Infrastructure
At Rally, we prioritize the security, integrity, and confidentiality of our customers' data. Our infrastructure is built using industry-leading tools and technologies that ensure data protection and reliability at every layer. Here’s a breakdown of the components that make up our secure infrastructure.
Rally Sessions that are secured
When you create a rally session, we take into account the security of who has access to it. In order to get into a session, one must login with your provider (Atlassian). We do an additional cross reference to make sure they are apart of your Atlassian Organization.
Your Security is Our Commitment
Our multi-layered security approach combines secure hosting, encrypted communication, robust database management, and responsible AI integration. By partnering with leading platforms like AWS, MongoDB Atlas, and OpenAI, we’re dedicated to providing a secure, reliable, and innovative environment that you can trust with your data.
AWS for Secured Hosting
Our platform is hosted on Amazon Web Services (AWS), a global leader in cloud infrastructure known for its robust security protocols. AWS provides secure, scalable hosting with data centers that meet the highest international security standards, including GDPR, SOC 2, and ISO 27001 compliance. AWS also ensures:Physical Security: All AWS data centers are secured with strict access controls, surveillance, and physical barriers to prevent unauthorized access.Data Encryption: AWS enables us to encrypt data both in transit and at rest.Continuous Monitoring: AWS tools monitor our infrastructure 24/7 for unusual activity and potential security threats.By utilizing AWS, we provide a highly reliable and resilient hosting environment that safeguards your data.
HTTPS Protocol for Secure Data Transmission
Every interaction with our platform is protected by HTTPS (Hypertext Transfer Protocol Secure). HTTPS ensures that data transferred between our servers and your device is encrypted, preventing interception or tampering. Key features of our HTTPS protocol include:TLS (Transport Layer Security) encryption, which secures data as it moves across the internet.Identity Authentication to ensure that users are connecting to legitimate servers.Protection Against Man-in-the-Middle Attacks, keeping your data safe from unauthorized access while in transit.With HTTPS as our standard for data transmission, we guarantee secure, encrypted communication at every touchpoint.
MongoDB Atlas for Secure Database Management
Our application’s database is managed using MongoDB Atlas, a fully-managed database service designed with security as a core feature. MongoDB Atlas provides several layers of protection: Encryption at Rest and in Transit: All data in MongoDB Atlas is encrypted by default, ensuring that information is protected both in storage and during communication. Access Controls and Authentication: MongoDB Atlas offers robust access control mechanisms, including role-based access and integration with industry-standard authentication protocols. Automated Backups and Disaster Recovery: MongoDB Atlas automatically backs up data and provides restoration options, ensuring data resilience and minimal downtime.With MongoDB Atlas, we benefit from a secure, scalable, and reliable database solution that keeps your data accessible and protected.
OpenAI for Advanced AI Solutions
We leverage OpenAI's API to power intelligent features within our platform. OpenAI maintains a strong focus on security and data privacy:Data Privacy: OpenAI adheres to strict data handling practices, ensuring that customer data processed by OpenAI's API is handled responsibly and securely.Model and Data Isolation: OpenAI maintains rigorous protocols to separate customer data and prevent cross-data interference.Compliance with Security Standards: OpenAI is committed to industry-standard security and compliance practices, ensuring secure integration of AI capabilities into our platform.Through OpenAI, we deliver advanced AI functionality in a secure manner, enhancing our services without compromising on data privacy.