For those with questions about Mingle security, we have several resources.
- Data Center access - Mingle is built on AWS which provides a data center and network architecture that’s built to satisfy the requirements of the most security-sensitive organizations in the world. You can find out more about Amazon's security here: http://aws.amazon.com/security/. There is no direct public access to the application servers, database or other core services.
- Multi-tenant infrastructure - Each customer has a unique database schema.
- Backups - Backups are taken everyday and copied to multiple data centers in different geographical locations.
- Uptime- Our uptime has been 99.99% in the past 7 days, and you can follow the uptime/availability of Mingle here: https://www.thoughtworks.com/mingle/status/
- Encryption - Mingle's database authentication encrypts passwords using SHA2 and a per user salt.
- Who has permission to do What? - You can find more information on user roles in Mingle here. If you open a ticket with the Support Team, we may need to view your project in order to troubleshoot the problem. We do not edit or delete things from your project.
- Audits - Our web application undergoes yearly web application security audits. We recently had Redspin - a third-party, objective computer security firm - conduct an in-depth Web Application Security Assessment. A copy of our Letter of Attestation is available on request.
- SSO and LDAP- We officially support OKTA but Mingle will work with any SAML 2.0 based SSO provider. More information can be found here. If you require additional help, please contact us at firstname.lastname@example.org or create a new support ticket via this form.
- Customer backups - Some customers prefer to do their own regular backups by exporting their Mingle projects. Your Mingle admin can access this feature under the Project Admin tab by clicking on Export Project: