At ftrack, we understand that your creative content is your most valuable asset. That’s why we’re committed to safeguarding it across both our cutting-edge platform and our organization as a whole. You can trust us to uphold the confidentiality and integrity of your invaluable creative projects.
We’re proud to be SOC 2 compliant, providing an additional layer of assurance that we adhere to the most stringent security protocols.
Industry trusted, Academy Award-winning solutions
Audits & compliance
SOC 2 compliance, cybersecurity audits, and more affirm our security commitment.
We regularly update with new security features such as 2FA, strong passphrases, and SSO.
”Thanks to ftrack Studio and cineSync, all of our project data is easily and securely accessible. As a result, we can work with anyone, anywhere, including more closely with outsourcing studiosKalvin IrawanStudio Head, Lumine Studio
Proudly SOC 2 compliant
Uncompromising Data Protection: Secure your competitive edge with ftrack’s SOC 2-compliant security measures. Rest easy knowing your assets and schedules are safeguarded at every project stage.
Earn Client Trust: Our SOC 2 compliance and third-party audits give clients the confidence they need. We’re committed to preventing unauthorized data disclosure.
Guarding Your Creative Assets: SOC 2 compliance proves our commitment to protecting your most-prized content across ftrack products. Your data is secured from ideation to execution.
Cloud security you can trust
But we don’t stop there. We’ve enhanced this solid foundation with advanced security measures such as firewalls and AES-256 encryption at rest. Our platform also offers built-in features like Single Sign-On (SSO) and Two-Factor Authentication (2FA) for an extra layer of account protection.
With ftrack, your content remains securely guarded.
Uncompromising product security
Every phase of the ftrack product lifecycle is rigorously vetted for security – from initial design to final release.
Security is a priority from the get-go when we conceptualize new features. Early risk identification, vulnerability detection tools, and penetration testing are integral to our development process.
Before any new build goes live, we execute a comprehensive set of authorization and permission tests, including both white- and black-box testing. Any changes to the source code undergo a dual review process by at least two developers to ensure the highest level of security.
Secure user authentication
Rest assured, only authorized users can access your ftrack instance.
We offer versatile authentication options including LDAP, AD, Google, SAML, or native ftrack accounts. API access mandates a personal API key, and all server file requests are secured with AWS-supplied HMAC-SHA256 signatures. Role-based permissions further fine-tune user capabilities within the platform.
Our security protocols undergo frequent testing – including vulnerability assessments and simulated penetration attacks – verified by third-party audits.
Security is built into the fabric of ftrack
Our commitment to security isn’t an afterthought – it’s a cornerstone. As we innovate to streamline your workflows, we roll out features to secure them.
At ftrack, securing your studio’s content is a never-ending commitment.
Our security protocols
Take a look at how we maintain a secure environment at ftrack HQ to protect your valuable work.
- Audits: Regular assessments by third-party security experts.
- Compliance: Proudly SOC 2 compliant, meeting rigorous industry standards for security and data protection.
- Incident preparedness: Incident response and disaster recovery are rigorously tested and planned for.
- Vulnerability scanning: Including code and application scanning, simulated attacks, and penetration tests.
- Change control: Dual review process for all source code changes.
- System backup: Encrypted, redundant backups on using AES-256.
cineSync: Secure media review & collaboration from award-winning experts
Created by industry veterans and honored with both Academy Awards and Emmys, cineSync offers a perfect blend of security, quality, and flexibility for modern creative studios.
We prioritize your content’s safety: cineSync doesn’t store media files nor do they pass through our servers. Instead, only 256-bit encrypted sync commands are transmitted. That’s why the world’s leading studios entrust us with their valuable content.
Internal vigilance: Security at ftrack HQ
Our commitment to security transcends our product – it’s part of our daily operations. Here’s how we maintain a fortress of security at ftrack HQ:
- 2FA: Enabled for all company accounts.
- Endpoint Security: Firewall, antivirus, and disk encryption for every team member.
- Regular Briefings: Periodic security updates to stay ahead of threats.
- Annual Training: Yearly security awareness programs for our staff.
- Digital Keys: Encrypted for added protection.
- Confidentiality: Strict agreements to safeguard sensitive information.