How to Find Software Products with Rock Solid Security

Read this post in:

Having read our first two posts in this special, three-part series on data security, you’ve finally decided to invest in security-conscious Software as a Service (SaaS) products for your team. Excellent… but which do you choose? In this third and final post, we’ll give our advice on the security questions you should be asking when selecting software products: for task management, project management and beyond.

How to Find Software Products with Rock Solid Security

This article is part of a three-part series on safe, secure task and project management. Read the first post in the series, Why Users Should Care About Data Security, and the second Secure Task Management: Understanding How Cloud Software Works on our blog.

In the digital marketplace, where rapid growth and short-term success have priority, online and network security are often overlooked. The old adage “just because you can, doesn’t mean you should” is routinely dropped in favor of a more gung-ho philosophy of “functionality now, security later.” The market for task and project management, offered by MeisterTask and any number of competitors, is no exception to the rule. Due to the significant advantages in efficiency and organization that effective task management tools can bring, providers are locked in an arms race to offer more of everything: more availability, more devices, more features, and more speed.

All of which begs the question… at what cost? The current imbalance between big, flashy features and “unfashionable” topics like security will eventually reach a point where it can no longer be ignored. The basic equation is this: the more devices we connect, and the more tools we use, the greater our exposure is to security risks.

Security News: Meister is now ISO 27001:2013 certified! Find out more.

According to a study by Statista Research, the number of connected IoT devices worldwide is expected to grow to approximately 50 billion by 2030. With such a big target to aim for, can we really keep hoping that the cybercriminals keep missing? Or is a more proactive mindset required? In this post, we’ll go through the key features you should be looking for in your security-conscious choice of software.

Smart, Secure Task Management?

That’s MeisterTask!

Get In Touch With Our Sales Team

Choosing a Security-Conscious Product

As a user of any software, but especially if you have the responsibility to select and manage software for your team, you have the chance to define your destiny when it comes to security and privacy. By making a conscious choice to subscribe to SaaS products with sensible security policies and intelligent features to keep your data safe, you put your company one step ahead of the curve away from a potential data disaster. 

Sounds simple? Well, not quite. Choosing a security-conscious SaaS provider isn’t a one-size-fits-all solution for every potential security issue you or your company might face. On the one hand, there are plenty of things you can do at your end to keep yourself safe online. A good antivirus software goes a long way, as does a password manager, likewise little common sense when it comes to dealing with phishing and other social engineering attacks. There’s also a question of reducing risk by volume: the fewer services you are subscribed to, the lower your risk will become. 

However, personal security precautions only go so far. Once you begin to store data in the cloud and trust providers with personal/confidential information, all you can really do is hope their security policies work as well as you want them to. Of course, you could always choose not to trust anyone, but you’d eventually notice differences in your ability to do almost anything online. The reality is, in the modern working world, you’re going to have to trust someone with your data eventually. The deciding factor, simply, is who you can trust.

Certified by Experts

We’re a Trusted Cloud Service!

Try MeisterTask

Security Considerations for Task Management

At Meister, we place a high value on making our tools as secure as possible, which is why we are fully 27001:2013 certified. The question of security is particularly relevant to our task management software MeisterTask, primarily because the amount of data that is uploaded to the tool is higher and the nature of this data (intellectual property, financial records, etc.) tends to be more sensitive.

Whether you choose MeisterTask as your tool of choice or not, the security level of your task management software is very important. It affects how safe it is for you, your team, and any external collaborators you work with to share data. The security features of your task management software should therefore be flexible and robust enough to address the varying needs of your organization. 

Tailored to You

Ask Us About an Enterprise Plan.

Contact Sales

Part of this comes down to the functionality of your tool. A minimum requirement would be the ability to give access to one project without exposing all other active assignments to third parties. Similarly, you should be looking for control over role-based access. With tools like MeisterTask, users can define and assign roles with preset permissions. Not only does this save time but it automatically keeps information in the hands of those who need it. 

Find out how to set user permissions for your project in our help center.

On a more general level, well-defined security procedures should be part of the overall package of any task management tool you choose to work with. Not sure how secure your software is now? Ask your provider the following key questions, designed to help you ascertain the key requirements for your task management system, or indeed any SaaS product.

The Nine Security Questions to Ask When Selecting Software

1. Is Your Product Certified?

Your data is stored and managed according to internationally accepted standards for data protection.

Your software provider should, at the least, comply with the minimum standards for data security. They should have policies that are specific to their business operations and processes, as well as procedures in place to restrict access to sensitive data. For example, task management tools operating in Europe should be GDPR-compliant in order to maintain data security. In the US, CCPA is the accepted norm.

Ideally, you want your software provider to go beyond the minimum security requirements. The “gold standard”? ISO.

ISO 27001:2013 is an international standard on how to manage information security – and getting certified means fulfilling over 100 individual requirements that examine every process around the topic. If your vendor passes the  test (which has to be certified and regularly checked by an external body) it will show that they have a comprehensive and risk-based approach to protecting information. It gives you the best chance to protect  your data from cybersecurity threats.

Meister is ISO 27001:2013 certified – the highest international standard for data security. Certification means that your data is safe and handled in the best possible way. Learn more here.

2. Where are the Servers Located?

Your data may be “in the cloud,” but server-based cloud software needs a physical server somewhere, too. Where these are located defines much about your provider’s security policy. In Europe, the regulations governing server farms are far stricter and consumer expectations concerning security are higher. This isn’t to say that all EU-based tools are more secure than their US equivalents, but starting from a higher baseline of security puts providers like Meister at a distinct advantage.

It’s also worth considering the unique geographical and weather concerns of the region. For example, a task management tool that houses servers in areas where tsunamis or earthquakes regularly occur might not be the best investment.  

The Meister View: Not all online task and management tools are created equal and some offer considerably more security than others. Our opinion is that European companies are better-placed to offer high-security services because they are bound by regulations like the GDPR.

3. What are the Default Settings?

In MeisterTask, all task-related security settings are private by default.

Default privacy settings make it much, much easier to keep information secure and hidden from parties who do not need immediate access to it. This can help curb human error and social engineering attacks. Not only does it ensure that only the people who are meant to see sensitive task information have access to it, but it also keeps information secure until it’s ready to be shared. 

The Meister View: MeisterTask sets a standard when it comes to default settings. All task-related security settings are private by default, which serves as an extra precaution until permission is manually granted otherwise.

4. Do You Provide Uptime Guarantees? 

In the simplest possible terms, uptime is the time when a computer is operating. In terms of a SaaS product, it means the time in which the product can be used online because the communication to the cloud servers is secure. Uptime statistics and guarantees are helpful if you want to evaluate a provider’s infrastructure security. Look for a task management solution with a history of high uptime.

The Meister View: We provide 99.9% service uptime for our paid accounts. This ensures that outages and interruptions are not concerns our users have to deal with, barring genuinely exceptional circumstances.

5. Do You Offer Granular User Permissions?

We make permission setting easy for project managers.

As mentioned in a previous post, many data breaches can occur without the need for hacking or malware: data simply falls into the wrong hands because the wrong people are given access to it. Although educating your employees about the risks of unauthorized access may help somewhat to fixing the problem, it’s better all-round if the issue is resolved on a technical level to begin with. 

Easy-to-use, but technically sophisticated, role-based access and data sharing allows administrators to define which information users have permission to see. In MeisterTask, this feature allows you to adjust permissions on a user or team level and configure selective sharing of sensitive information on a project-by-project basis.

The Meister View: We make permission setting easy for project managers and other administrators. You can restrict invitations to certain email domains and set permissions so that specified users may view or comment on items, but not edit them.

6. Do You Offer Real-Time Monitoring?

Cybercrime never sleeps. This means that you have to ask a simple question which comes to selecting your next online tool. Does the provider monitor their security 24/7? When is the IT team available to answer questions and troubleshoot? If you can’t answer these questions, you may need to consider a different SaaS provider.

The Meister View: In the event of a security emergency, our infrastructure is equipped to handle any eventuality, regardless of time or location. Encryption at rest, 24x7x365 monitoring of the entire server farm, fail-safe power supply, and redundant internet connectivity are just a few features that help us fulfill this promise.

7. Do You Use Two-Factor Identification?

We recommend that users enable Two-Factor Authentication to add an extra layer of protection to their accounts.

Two-factor authentication (2FA) is a security feature that automatically adds another layer of protection to your account. You’ve probably seen something similar in many of the online accounts you use, especially online banking and other high-risk services. 

Choosing a software service provider that implements 2FA can give you added peace of mind: two walls of protection instead of one deters hackers from attempting to steal data, which in turn reduces the risk that accounts will be compromised. Even if you use 2FA, you should still insist that your team uses strong passwords for all their online accounts.

The Meister View: We recommend that users enable Two-Factor Authentication to add an extra layer of protection to their accounts. Whenever you log in, you’ll need to enter both your password and a security code from an app on your mobile phone. This second layer of security ensures that user accounts stay secure even if passwords are lost or stolen.

8. How Often Do You Back Up Your Data?

You know that feeling when your computer crashes before you had the chance to save your progress? Now, imagine that happened to every project your team was working on. Having frequent backups brings peace of mind in worst-case scenarios. They ensure that if the information does get lost or stolen, you’ll always have a reasonably up-to-date copy saved in a secure location.

The Meister View: We backup your data on daily, weekly and bi-weekly rotations at multiple offsite locations in Germany to safeguard against unforeseeable events. These locations protect our services from connectivity drops, power cuts, and other common location-specific failures.

9. What’s Going on with Firewalls and SSLs?

All MeisterTask accounts use a 256-bit Secure Socket Layer (SSL) encrypted data transfer.

We don’t want to get too technical but… hey, the more you know. Although firewalls and SSLs sound like security jargon, these keywords represent techniques that are absolutely critical for network security. To simplify, a Firewall is a network security device that monitors and filters incoming and outgoing network traffic, while SSL, or Secure Sockets Layer, is an encryption-based internet security protocol. Together, they will help stop the cybercriminals from reading the data you send using MeisterTask.

Look for a solution that encrypts all accounts using a 256-bit SSL with multiple firewalls surrounding it. This design prevents unauthorized access to private projects and databases at every level. 

The Meister View: All MeisterTask accounts use a 256-bit Secure Socket Layer (SSL) encrypted data transfer between the end-user and MeisterTask. Private projects cannot be accessed by other people, nor indexed by search engines or robots, regardless of your account level. All MeisterTask systems are protected by multiple firewalls and special network access controls.

Make Informed Decisions

Data security is a must-have for every level of business organization using online tools and services. Task and project management with cloud-based tools like MeisterTask make it possible to protect sensitive information and improve productivity at the same time. By asking the right questions, you can now easily discover, narrow down, and partner with trustworthy software providers that will keep your information and your company safe. 

We hope you have enjoyed our three-part series on data security and that you’re now convinced of the need for safe, secure task management. If you’re interested in seeing the benefits for yourself, why not contact our sales team for a free demonstration and more information about the tool? 

Choose Secure Task Management

Choose MeisterTask

Contact Sales Today

This post was co-authored by Maria Waida, Owner of SaaSy Copywriting and “One of the Best Marketers in the World” – G2