Secure project management software
The protection of personal data is more than just a legal requirement for OpenProject. Protect your data with the most secure project management software.
The protection of personal data is more than just a legal requirement for OpenProject. Protect your data with the most secure project management software.
OpenProject as an open source project management software is highly committed to security and data privacy. We have this conscience deeply integrated in our product development and all our company’s processes and mindset. We aim to provide the most secure project management software for you.
The awareness and importance for security and data privacy actions have always been a major topic for us and are one of the main motives for developing this open source project management software.
Especially in project management, a lot of personal and sensitive data has to be managed. Thus, security and privacy becomes most important when selecting a project management tool. Thanks to OpenProject, web-based project management and security and data privacy will be compatible.
As a firm believer in open source, OpenProject is investing heavily in the freedom of users. This encompasses the software freedoms granted by the GPLv3 and extends to the rights and freedoms granted by the General Data Protection Regulation (GDPR).
In the same transparent fashion that we develop our software, we are committed to transparency regarding data privacy protection of our software users and customers as well as information and system security. Cloud-based or on-premises, we provide enterprise-grade security for the safety of your business assets and the protection of your personal data.
Niels Lindenthal
CEO OpenProject GmbH
Our goal is to bring OpenProject to perfection as a lighthouse project for data privacy and security in Europe.
OpenProject is open source software for project management and team collaboration, published under the GNU GPL v3. The software code is publicly available on GitHub. We focus on open standards for our software development.
OpenProject is continuously developed and actively maintained by the OpenProject GmbH and an international community.
Install and run OpenProject on-premises in your organization’s infrastructure and behind your firewall. This setup in your own infrastructure or hosting provider of your choice provides you most privacy and sovereignty over your data.
Software freedom naturally extends to the rights and freedoms granted by the General Data Protection Regulation (GDPR). The GDPR compliance is self-evident for OpenProject. We handle our customer data with care, and we fulfill all requirements according to the GDPR, the German Federal Data Protection Act (BDSG), and even beyond.
Your software freedom ensured by open source on premises software. We do not want you to pay with your personal or organizational data nor be dependent on monopolies.
We do not set any not functional cookies nor collect or process any personal data for other purposes than ensuring our services.
OpenProject fulfills the highest level of security and data privacy demand for a project management software. It is built to meet the requirements of the most security-sensitive organizations.
OpenProject is an open source software that is developed and published on GitHub. Every change to the OpenProject code base ends up in an open repository accessible to everyone. This results in a transparent software where every commit can publicly be reviewed and traced back to the contributor.
Automated tests and manual code reviews ensure that these contributions are safe for the entire community of OpenProject. These tests encompass the correctness of security and access control features. We have ongoing collaborations with security professionals who test the OpenProject code base for security exploits.
Admins can enforce authentication mechanisms and password rules to ensure users choose secure passwords according to current industry standards. Passwords stored by OpenProject are securely stored using salted bcrypt.
Synchronize OpenProject users and groups with your company’s LDAP to update users and group memberships based on LDAP group members.
With the single sign-on feature you can securely access OpenProject. Control and secure access to your projects with the main authentication providers.
Our cloud environment is continuously backing up user data with data encrypted in transit (via TLS/https) and at rest (files, database (including backups) via AES-256).
The two-factor authentication will prevent anyone from accessing or using your account and adds an additional level of security to your project organization.
Admins are provided with fine-grained role-based access control mechanisms to ensure that users are only seeing and accessing the data they are allowed to on an individual project level.
This badge shows the current status of your OpenProject installation. It will inform administrators of an installation on whether new releases or security updates are available for your platform.
Security updates allow a fast fix of security issues in the system. Relevant channels will be monitored regarding security topics and the responsible contact person will be informed. Software packages for security fixes will be provided promptly.
Admins can set a specific session duration in the system administration, so that it is guaranteed that a session is automatically terminated after inactivity.
With our Enterprise cloud your data is stored on secure servers within the EU. Both the data center and network architecture are designed to meet the needs of highly security-conscious organizations.
Redundant infrastructure built for high availability and performance. Regular data privacy assessment and certification by external auditor.
We provide continuous encrypted data backups being fully encrypted with AES-256 in separate locations. In the event of an accident data can be easily recovered.
We offer secure hosting of your OpenProject cloud also in a German data center on request.
Our DPA reflect our data privacy and security commitments to our clients. The DPA can be signed directly in your OpenProject Cloud environment.
We take care of your entire installation including the application, database, and operating system so you can focus on your projects.
We provide processes, controls, systems, procedures, and measures that ensure the security of the processing of personal data and storage.
Our systems and processes are designed around your privacy and the principle of data minimization.
OpenProject monitors thoroughly and continuously the developments and regulations for data security, privacy and compliance within the EU and all around the globe. We take our responsibility very seriously when it comes to taking care of personal data, secure processes, secure infrastructure, and a secure application.
This covers all aspects of our business:
We provide a mailing list for security advisories on OpenProject. Please register to get immediate notifications as we publish them. No messages except for security advisories or security related announcements will be sent.
Please contact the OpenProject security team:
Getting started
Learn about the first steps
with OpenProject
User guide
In-depth guide of all features
in OpenProject
System admin guide
Learn how to configure your
OpenProject
FAQ
General frequently asked questions
Enterprise edition guide
Manage your OpenProject
Enterprise edition
Installation and operations guide
Find out how to install
and operate OpenProject
Release Notes
See the latest changes
in OpenProject
Development
Learn about how to contribute
to OpenProject
API
Learn about the API
powering OpenProject
BIM Guide
Additional BIM features for construction teams
Use Cases
Detailed step-by-step instructions
Installing OpenProject
Learn how to download and install OpenProject on your own servers.
Enterprise add-ons
Find out about the OpenProject Enterprise add-ons to boost your project management.
OpenProject hosting
Get started easily with OpenProject hosting from the experts.
Support
Find out how to get maintenance and support for OpenProject in your organization.