Powered by Perforce

Gliffy is owned by Perforce, a longstanding and trusted name in the software industry. Perforce is committed to ensuring data security for customers across all its product offerings, including Gliffy, so you can rest assured that the information contained within your diagrams is safe and secure.

To learn more about Perforce’s data security standards and practices, visit the official Perforce site:

SECURITY AT PERFORCE

Cloud Fortified Since Day One

Gliffy was one of the first apps to achieve Atlassian’s Cloud Fortified designation when the program was introduced in July 2021, demonstrating an ability to meet the highest standards of security, reliability, and support.

Atlassian "Cloud Fortified" icon on a shield on top of multiple Gliffy diagram windows.
Christopher Gerg Headshot

Meet Perforce’s CISO, Christopher Gerg

As the guide for the ongoing maturation of the information security program, Christopher Gerg is the Chief Information Security Officer (CISO) at Perforce Software. His experience ranges from network engineering to executive leadership roles — including CTO and CISO — with highly regulated industries, including healthcare, government, defense, and payment/finance.

With a “Secure by Design and Compliant by Default” approach, Christopher and his team guide the diverse Perforce product lines through their compliance and regulatory obligations. This work is performed with the help of designated liaisons each time, acting as subject matter experts and points of contact to provide tactical support.

Our Data & Security Practices

Personal Information

Personal information (billing information) is not stored within Gliffy, and we do not sell or share your personal information.

Diagram Data

Diagram data stored in Confluence or Jira is covered by Atlassian’s privacy policy. Gliffy’s web-based application, Gliffy Online, does not store diagram data on local devices or Gliffy servers. 

Bug Bounty Program

Gliffy participates in the Atlassian Marketplace’s Bug Bounty Program, allowing security researchers to test the application for vulnerabilities and report any vulnerabilities discovered.

Error Capture & Reporting

In the event of an error condition, the information collected for troubleshooting does not contain personal information or complete diagram data.

Encryption

All customer data is encrypted using HTTPS over Transport Layer Security (TLS) 1.2 or higher. All document content is encrypted at rest with AES-256. The encryption is transparent; keys are managed by our cloud infrastructure provider.

Business Continuity Plan

Gliffy is aligned with Perforce Software’s Business Continuity Plan to manage and minimize the effects of unplanned disruptive events (cyber, physical, or natural).

Gliffy Online

Hosted Security

Gliffy Online servers and customer data are hosted on Amazon Web Services (AWS). Information about AWS Security can be found on the official AWS site.

Backups & Reliability

AWS services are used for daily backups. All our systems are fully redundant and clustered, and Disaster Recovery testing is periodically performed to ensure operations are restored in a timely manner.

Payment Information

All payments made for Gliffy Online use Stripe (PCI Certified). For additional information, please visit Stripe’s privacy page. No credit card data or payment related information is stored on Gliffy systems.