Security Protection for Web-Based Project Management
For optimal performance and user experience, please upgrade your browser or choose a different browser.

e-Builder Trust

Top Tier Security Protection

At e-Builder, we take the security of our software and our clients’ information very seriously. With top tier security protection, world-class data centers and SSAE 16 Audits performed annually, e-Builder is committed to keeping our clients information secure and protected at all times.

Access Controls

  • 24-hour manned security, including foot patrols and perimeter inspections
  • Biometric scanning for access
  • Dedicated concrete-walled Data Center rooms
  • Computing equipment in access-controlled steel cages
  • Video surveillance throughout facility and perimeter
  • Building engineered for local seismic, storm and flood risks
  • Tracking of asset removal

Environmental Controls

  • Humidity and temperature control
  • Redundant (N+1) cooling system

Power Supply

  • Underground utility power feed
  • Redundant (N+1) CPS/UPS systems
  • Redundant power distribution units (PDUs)
  • Redundant (N+1) diesel generators with on-site diesel fuel storage

Network Connectivity

  • Concrete vaults for fiber entry
  • Redundant internal networks
  • Network neutral; connects to all major carriers and located near major Internet hubs
  • High bandwidth capacity

Fire Detection & Suppression

  • Dual-alarmed, dual-interlock, multi-zone, pre-action dry pipe water-based fire suppression
  • Secure transmission and sessions
  • Connections via SSL, using global step-up certificates from Thawte, ensuring that all content exchanged between the user’s browser and e-Builder servers is secure and encrypted
  • Individual user sessions identified and re-verified with each transaction, using a unique token created at login

Network Protection

  • Perimeter firewalls and edge routers block unused protocols
  • Internal firewalls segregate traffic between the application and database tiers
  • Intrusion detection sensors in the internal network report events to a security event management system for logging, alerts, and reports
  • A third-party service provider continuously scans the application and alerts changes in baseline configuration

Disaster Recovery

  • Near real-time replication to disk at each data center
  • Near real-time data replication between the production data center and the disaster recovery center
  • Data transmitted across encrypted links
  • Disaster recovery tests verifying our projected recovery times and the integrity of the client data

Data Backups

  • All data backed up to tape at each data center on a rotating schedule of incremental and full backups
  • Tapes are transported offsite and are securely destroyed when retired

Internal and Third-Party Testing & Assessments

  • e-Builder tests all code for security vulnerabilities before release 
  • Regular scans of our network and systems for vulnerabilities
  • Third-party assessments are also conducted regularly:
  • Application vulnerability threat assessments
  • Security control framework review and testing

Security Monitoring

Our Information Technology Department monitors notifications from various sources and alerts from internal systems to identify and manage threats.

Interested in turbo-charging your capital program?

We'll share how others do more with less using e-Builder.