Sitemate Security

Have full confidence in your data accessibility, control and security with Sitemate's best practice network and application security, access controls, incident monitoring and SOC-2 compliance.

Trusted by companies, projects and teams of every size

~10,000 employees

~500 employees

~10 employees

~25,000 employees

~200 employees

~1,500 employees

~1,500 employees

~6,000 employees

~6,000 employees

~30,000 employees

~400 employees

~40 employees

~5,000 employees

~1,000 employees

~1,000 employees

SOC-2 Certified

Trusted by Systems & IT teams all over the world

SOC 2 defines criteria for managing customer data based on five “trust service principles”—security, availability, processing integrity, confidentiality and privacy.

SOC 2 certification & compliance assures Sitemate customers and users that Sitemate has the infrastructure, tools, and processes to protect their information from unauthorised access - both from within and outside the firm.

All Sitemate policies & procedures are formed around adhering to these global standards.


NIST CSF provides a broad, risk-based approach for organizations to manage cybersecurity risks. It provides a structured and comprehensive approach to managing cybersecurity risks and enhancing the company's resilience against potential threats.

NIST Cybersecurity Framework helps Sitemate stay proactive and prepared for evolving cyber threats, safeguarding customer data.

Authentication & Authorisation

Authentication is controlled via a combination of a custom Sitemate auth service sitting on top of AWS Cognito & FusionAuth.

Authorization in Dashpivot is via Role Based Access Control (RBAC). Access to data is defined within Dashpivot based on business and security requirements - either preventing or allowing users from viewing and editing data.

SSO (Single Sign On) and MFA (Multi-factor Authentication)

Improve security by utilising Single Sign-On, ensuring that only authorised users are able to access the platform.

With SSO, users don't have to remember multiple secure passwords, which can be time-consuming and frustrating.

Sitemate supports Microsoft Azure, Okta and Rippling.

The OAuth2 framework is used for authorization. OAuth2 is a protocol that allows a user to grant a third-party web site or application access to the user's protected resources, without necessarily revealing their long-term credentials or even their identity.

Which Users does SSO impact?

Single Sign-On is for Dashpivot Contributor users only, who are your managers, supervisors and administrators, allowing for greater control over your systems and login access to your main business systems.

SSO does not impact Dashpivot Visitors or Sitemate free users or require detailed logins on their side so they can still quickly, easily and securely access your workspaces.

Full access controls over internal user management

Give the right access and permissions to the right people with a number of different and easily editable permission types.

Remove access with a single click - once people no longer need access, they won't be able to edit, delete or access private information.

Separate and flexible permissions for external users or 'visitor' users

Give external visitor users more refined and constrained access to specific folders and information so they can see what you want them to see, and nothing else.

Visitors are completely free, so you get the benefits of having them involved in your digital processes with none of the risks.

Flexible folder access control

Control your overarching internal records with a flexible folder structure, so that people only have access to the information that is applicable to them.

For example, certain workers may only need access to the information from one site, so just grant them access to that specific site folder.

Layer permissions on top of folder controls and you have highly secure and completely flexible controls over who gets access to what and why.

Automated historical logs of all changes

Have full visibility on changes made on your documentation with historical logs for all forms and templates.

All logs are shipped to our central security hub, which is a combination of AWS Security Hub, Cloud Watch & DataDog.

Manage pending invites

Always have full control over who can have access to your data by managing pending invites.

If someone has been sent an invite, you can delete their invite so they can't access your data once they accept a rescinded invite.

Search, Sort and Bulk Actions on User Management

Make it quick and easy to manage large number of user controls and permissions.

Search for users, sort or select multiple users to make changes en masse.

Auto-logout removed users

Users are auto-logged out of the Dashpivot mobile app when they are removed as a Contributor or Visitor.

Keep your data safe by removing access to users that no longer need it.

Approval Signature Logic

Using custom logic for approval signatures in your form templates helps you control which people on your team can sign-off forms at each stage of a workflow.

This could be useful for meeting compliance requirements and ensuring that the right person signs the workflow form, based on their user type, or permission type.

Archiving folders

Manage your folders better with archiving once projects are completed or teams have finished their part of the project.

Archived folders can still be accessed and restored in case they're accidentally archived.

Archiving templates

Clean up your list of templates by archiving templates that are no longer used or have been replaced by newer versions or different workflows.

You can still access archived templates, which makes it easier to update your templates if there's any information there, or to review version control.

Archiving lists

Prevent accidental deletions by archiving lists of equipments once projects are completed.

You can restore archived lists if they were archived accidentally or if the same list needs to be re-used for another project.

GDPR compliant

Sitemate is GDPR compliant, so all your data remains GDPR compliant, too.

GDPR can be considered as the world's strongest set of data protection rules, which enhance how people can access information about them and places limits on what organisations can do with personal data.

Privacy policy

Read more about the Sitemate Privacy Policy here:

Award winning software - as voted by people like you

Software that people love to use and can trust, try it for free now.