Security & Compliance

Plenit has been designed to meet the highest standards of security, privacy, and regulatory compliance.
Request a Demo

Shared responsibility model

Plenit’s shared responsibility model defines which duties belong to the partner and which to Plenit, depending on the cloud service type.

INFRASTRUCTURE AS A SERVICE (IaaS)

In infrastructure services like Servers, Plenit provides the core platform, while partners retain broad control. They manage data, identities, backups, configurations, applications, the OS, and firewall rules. Plenit handles the host, virtualization, storage, infrastructure-level network controls, and data center operations.

PLATFORM AS A SERVICE (PaaS)

In platform services like Remote Desktop, Plenit handles most technical operations, while security remains shared. Partners manage data, identities, backups, configurations, applications, and some OS tasks. Plenit oversees shared OS layers, virtualization, storage, infrastructure-level network controls, and data center operations.

SOFTWARE AS A SERVICE (SaaS)

In SaaS services like File Storage and Object Storage, Plenit manages most of the platform. Partners focus on data and access control, while Plenit handles backups (* except in Object Storage), applications, OS, networking, hosting, and data center operations.
Security - Platform

Platform Security measures

Layered security controls designed to protect access, data, infrastructure, and service availability across the platform.
Security - Cloud products

Cloud products Security

Remote Desktop
Servers
File Storage
Object Storage

Remote Desktop

Remote Desktop is designed to deliver a secure, reliable environment for remote work, combining:

  • Dedicated Perimeter Protection. Traffic is monitored and filtered through firewalls, IDS/IPS, and Anti-DDoS systems.
  • Multiserver Architecture & High Availability. Remote Desktop runs on a multiserver setup that maintains service continuity, allowing sessions to fail over automatically to available hosts.
  • Encrypted Communications. All data uses SSL encryption to ensure confidentiality, prevent interception or tampering, and protect remote sessions against unauthorized access attempts.
  • Application Isolation with RemoteApp. RemoteApp publishes applications in isolated environments to minimize exposure.
  • Two-factor authentication remote access.
  • Backups & Recovery. Scheduled backups include: hourly (last 5 hours), daily (last 14 days at 00:10), and weekly (last 8 weeks, Sundays at 00:15). VSS snapshots allow backups while files are in use, with two daily snapshots on C:\ and 7% storage reserved.

Servers

Servers are designed to provide a secure, flexible environment for critical workloads, combining network isolation, high availability, and robust recovery capabilities:

  • Dedicated Virtual Firewall with Geo-IP. Each network includes a dedicated virtual firewall with customizable rules, IP filtering, and Geo-IP restrictions based on traffic origin.
  • VPN & Private Networks. Secure connectivity is enabled through IPSec Site-to-Site VPNs and remote access. Private networks fully isolate traffic between environments.
  • Load Balancing. Built-in load balancing distributes traffic across multiple virtual servers, improving performance and ensuring service continuity.
  • N+1 Cluster Architecture. Physical servers run on an N+1 cluster, providing additional capacity to absorb failures and maintain uptime.
  • Backups & Recovery.  Servers use NetApp disk snapshots: hourly (last 5 hours), daily (last 14 days at 00:10), and weekly (last 8 weeks, Sundays at 00:15).

File Storage

File Storage is designed to deliver a secure, flexible, and efficient solution for managing information, combining encryption, granular access control, and built-in backup capabilities.

  • Data Encryption. Data at rest and in transit is protected with encryption, strengthening confidentiality and reducing exposure to unauthorized access.
  • User & Group Permissions. Access can be assigned at user and group level, ensuring each person can only reach the information they are authorized to use.
  • Secure External Sharing. Documents can be securely shared with third parties through the web, with optional password protection and expiration dates.
  • Backups & Recovery. The service uses NetApp disk snapshots: hourly (last 5 hours), daily (last 14 days at 00:10), and weekly (last 8 weeks, Sundays at 00:15).

Object Storage

Object Storage, built on the S3 protocol, provides a secure, scalable, and reliable solution for managing large volumes of data:

  • Data Encryption. Objects are encrypted in transit and at rest, protecting confidentiality and reducing exposure to unauthorized access.
  • High Availability & Distributed Storage. A distributed architecture increases service availability and safeguards data against local failures or disruptions.
  • Triple Replication. Each object is stored on three separate disks across three servers, with at least one replica kept in a different data center by default.
  • File Versioning. Versioning can be enabled at subscription level, allowing recovery of previous object versions.
  • Granular Permissions. Access control can be applied at object or bucket level, ensuring precise management of who can read, modify, or administer stored data.
Compliance - Privacy - Data Sovereignty

Compliance and privacy

Plenit ensures rigorous data protection through globally recognized frameworks and controls, delivering secure, compliant, and reliable services.

Data sovereignty

Data sovereignty ensures that the storage and processing of information comply with the laws and requirements applicable in each territory. At Plenit, this approach is supported by an infrastructure deployed across different regions and by the ability to select geographic location in certain services.

For our partners, this translates into greater control over where their data is hosted and under which jurisdiction it is managed. This allows them to align deployment decisions with their compliance, privacy, and data-residency needs.

Data sovereignty also reinforces trust, transparency, and predictability in information management. At Plenit, it is part of our commitment to secure, responsible operations aligned with the regulatory requirements of every environment.

FAQs

What security measures does Plenit apply?
Plenit combines physical, logical, and organizational controls to protect infrastructure, services, and data. These include an Information Security Management System, risk assessments, multi-factor authentication for privileged roles, access control and logging, Anti-DDoS protection, IDS/IPS systems, network and power redundancy, continuous monitoring, physical facility protection, and identity and permission management across services.
Does Plenit support 2FA?
Yes. For several services, the portal includes two-factor authentication as part of its identity and access management system. In addition, privileged roles, especially administrators, are required to use multi-factor authentication.
How are services protected against external attacks?
Plenit’s infrastructure includes perimeter security measures such as firewalls, intrusion detection and prevention systems, and Anti-DDoS protection. These layers filter unwanted traffic, detect suspicious behavior, and mitigate denial-of-service attacks to ensure service availability.
Is data encrypted?
Encryption depends on the service. Some products include mechanisms to protect data in transit and, in certain cases, at rest. Customers are also responsible for evaluating their security requirements and ensuring encryption in transit where applicable.
Who is responsible for securing the environment?
Security follows a shared responsibility model. Plenit secures the infrastructure and platform under its control, while customers are responsible for managing users, permissions, configurations, and any additional security measures required for their specific use case and data sensitivity.
Does Plenit include backups or snapshots?
Yes, depending on the service. File Storage includes preconfigured snapshots with hourly, daily, and weekly retention points. Other services may also include backup, snapshot, or replication mechanisms depending on the product.
What is versioning in Object Storage?
It is an S3 repository feature that allows recovery of previous versions of an object. Customers can enable and configure it from the portal, including retention periods. Versioning adds protection against accidental deletion or modification, but it does not replace a backup solution.
Does Plenit offer export or reversibility options?
Yes, depending on the service. Plenit provides mechanisms to export or retrieve data in certain environments. In some cases, such as Servers and Remote Desktop, virtual disk export in VHD format may be available. In others, such as File Storage or Object Storage, customers can independently copy and extract their data. Export or reversibility requests must be handled through support.