The unique PMG security concept

Security begins with people. That is why all PMG employees are bound by data protection regulations (Art. 29 GDPR) and a non-disclosure obligation.

Our PMG cloud stores your files on redundant server clusters in spatially separate data centers with ISO 27001 and IT baseline protection certification from the German Federal Office for Information Security. Daily backups offer additional protection.

Encrypted transmission of data is supported by TLS 1.3 with Forward Security. Storage is also encrypted (AES-256).

Our numerous security measures include DDoS protection, a virus scanner that is always up-to-date, hardened server systems, regular vulnerability scans (PCI-DSS-compliant) and multi-level firewalls.

Our PMG cloud provides you with comprehensive rights management. You allocate specific rights to individuals, groups, or roles. Clear rights reports document the status and can be viewed transparently.

All user activities are logged ready for audit. Our cloud also creates a checksum (hash) for every file as its unique identification. Files (including all their versions) are not deleted, but simply blocked. All data is always seamlessly available to you.

We arrange for the security of our system to be checked at regular intervals by independent penetration tests. The test uses OWASP criteria, among other things.

At regular intervals, we review the security measures of our service providers and subcontractors. All partners are contractually obligated to meet the same high security and data protection standards as PMG.

The entire range of 2-factor authentication options is available to you for a secure login: SMS-TAN, Google Authenticator, Mail-TAN and FIDO2.

If you do not want PMG to save passwords for authentication, simply connect your internal user administration of an active directory (AD) with PMG. Your employees can then log in as usual.