Data Center Physical Security
Connect's infrastructure runs on Amazon Web Services (AWS). AWS provides state of the art physical protection for the infrastructure on which Connect is built. Access to AWS data centers is strictly controlled and data centers are constantly monitored to ensure systems are functioning properly.
All communication with Trimble Connect occurs over HTTPS, ensuring communication is encrypted with TLS (SSL). All customer data is stored for high-availability and durability. Data generated within Trimble Connect is stored in secure databases which are backed-up daily. Trimble Connect's application security model prevents customer data cross-over and ensures complete customer data segregation and privacy.
All code developed in-house or by third-parties is checked for security defects with a source code analysis tool. Production servers are regularly scanned for vulnerabilities.
Within Trimble Connect, only authorized employees have access to servers and application data. Trimble Connect servers can only be accessed through secure encrypted channel connections using a VPN operated by Trimble Connect.
Accounts for Trimble Connect are managed in a secure database stored outside of the Connect application. Additionally, passwords are stored as salted one-way hashes. Passwords themselves are never stored and never transmitted in plain text. Users have the ability to generate and revoke unique access tokens for accessing Trimble Connect via APIs.