Pimcore Cloud Security Measures

Version 1.0 as of November 30^th, 2021

We keep backups of Pimcore Cloud Edition for the last 7 days as part of our standard Pimcore Cloud edition plans.
The actual locations of your data center(s) are specified in your Pimcore Cloud Agreement (PCA).
You can contact our Technical Support Help Desk to restore any of those backups on your productive Pimcore Cloud Edition instance.
Disaster recovery: in case of complete disaster, with a data center entirely down for an extended period, we have the following objectives:
- RPO (Recovery Point Objective) = 24h. This means you can lose max 24h of work if the data cannot be recovered and we need to restore your latest daily backup.
- RTO (Recovery Time Objective) = 48h is the time to restore the service in a different data center if a disaster occurs and a datacenter is completely down.
How is this accomplished: we actively monitor our daily backups, and they are stored in a different location. We have automated provisioning to deploy our services in a new hosting location.
We routinely use both the daily backups and provisioning scripts for daily operations, so both parts of the disaster recovery procedure are tested all the time.

All your data is stored on a dedicated database service - there is no sharing of data between clients and full isolation on network level .

Customer passwords are protected with industry-standard hashing (as of 2021-12-01 this is bcrypt), with automated re-hashing if required.
Pimcore staff does not have access to your password, and cannot retrieve it for you, the only option if you lose it is to reset it.
Login credentials are always transmitted securely over HTTPS.
Repeated login attempts are blocked by an automated brute-force detection.
An industry-standard password policy is in place for creating new passwords.
Additionally, we provide the possibility for two factor authentication using one time passwords (OTP).

Pimcore helpdesk staff may sign into your account to access settings related to your support issue. For this they use their own special staff credentials, not your password (which they have no way to know).
This special staff access improves efficiency and security: they can immediately reproduce the problem you are seeing, you never need to share your password, and we can audit and control staff actions separately!
Our Helpdesk staff strives to respect your privacy as much as possible, and only access files and settings needed to diagnose and resolve your issue.

All Pimcore Cloud Edition servers are running on a managed cluster with up-to-date security patches.
Only a few trusted engineers have clearance to remotely manage the servers - and access is only possible using an industry-standard authentication with at least 2 different factors.

Pimcore Cloud Edition servers & services are hosted in trusted and certified data centers & service providers in various regions of the world depending on your Pimcore Cloud Agreement (PCA) and they must all exceed our physical security criterions:
- Restricted perimeter, physically accessed by authorized data center employees only.
- Physical access control with security badges or biometrical security.
- Security cameras monitoring the data center locations 24/7.
- Security personnel on site 24/7.

We never store credit card information on our own systems.
Your credit card information is always transmitted securely directly between you and our PCI-Compliant payment acquirers.

All data communications to client instances are protected with state-of-the-art encryption (HTTPS).
All data communications leaving your private network for your instance, are also protected with state-of-the-art encryption.
Our servers & services are kept under a strict security watch, and always patched against latest known vulnerabilities.
All our certificates use robust modulus trusted certificates chains.

All data center and service providers used by Pimcore Cloud Edition have very large network capacities, and have designed their infrastructure so it should withstand the largest Distributed Denial of Service (DDoS) attacks. Their automatic and manual mitigation systems can detect and divert attack traffic at the edge of their multi-continental networks, before it gets the chance to disrupt service availability.
Firewalls and intrusion prevention systems on Pimcore Cloud Edition servers help detect and block threats such as brute-force password attacks.

Pimcore (the software)

Next to commercial Pimcore Cloud and Enterprise Edition Pimcore Platform is available as open source, so the whole Open Source codebase is continuously under examination by Pimcore users, contributors and security researchers worldwide. Community bug reports are therefore one important source of feedback regarding security. We encourage developers to audit the code and report security issues.
The development processes have code review steps that include security aspects, for new and contributed pieces of code.

Pimcore is designed in a way that prevents introducing most common security vulnerabilities:
SQL injections are prevented by the use of a higher-level API that does not require manual SQL queries.
XSS attacks are prevented by the use of a high-level templating system that automatically escapes injected data.
The framework prevents RPC access to private methods, making it harder to introduce exploitable vulnerabilities.

Pimcore is audited by independent companies at regular intervals that are hired by our customers or prospects to perform audits and penetration tests. Our Pimcore Experts receive the results and take appropriate corrective measures whenever it is necessary.
However, we will not disclose any of those results, because they are confidential and belong to the commissioners.
Pimcore also has a very active community of independent security researchers, who continuously monitor the source code and work with us to improve and harden the security of the software.

If you need to report a security vulnerability, please submit a respective support ticket via Pimcore’s technical support help desk or send us an email via support@pimcore.com.
We will treat such reports with high priority. Our Pimcore experts will try to assess and solve the problem as soon as possible, in collaboration with the reporter, and then disclose in a responsible manner to Pimcore customers and users.