Posts from "April, 2014"

Why your prototypes are in safe hands

We understand that many businesses place great emphasis on security, which is why at Pidoco we go the extra mile to keep your data safe. German engineering doesn’t just mean that we abide by some of the strictest laws on data protection in the world, we have also engineered our product to keep your projects safe. An up-time of our system of more than 99.9% in 2013 is evidence of our dedication to providing safe and stable services.

Personal Data

At Pidoco we believe that scarceness of data collection is the best way of preventing data abuse. This is why Pidoco keeps the collection of personal data to an absolute minimum necessary for providing our services. In storing and processing these data Pidoco abides by the “8 Commandments of Data Security” based on the very strict and comprehensive German data protection laws (http://www.gesetze-im-internet.de/englisch_bdsg/englisch_bdsg.html#p0649). These ensure that the highest control and protection standards are met in regard to access to and accessibility of, transfer and circulation of, input and change of, availability and separation of personal data as well as to the commission of data processing. As part of these standards we keep our website and servers secure and safe.

Our Website

Like all our publicly accessible systems, the Pidoco website (https://pidoco.com) is protected by secure certificates and passwords. We use SSL encrypted secure connections (HTTPS) similar to those standards that financial institutions use for online banking. We also employ so-called “forward secrecy” for data transfers, which prevents past data transfers from being compromised. In addition, our website is fully certified for electronic payment transactions. Only a limited number of trusted administrators work with our live system and their access is logged to make it verifiable.

SSL

Our Servers

We operate our servers in professionally managed award-winning data centers with very high security standards based in Germany only. Our server provider is bound by data protection contracts with us, abides by the “8 Commandments of Data Security” as well and is dedicated to ensuring security and safety standards in general. Physical firewalls, UPS for all servers, CCTV, video surveillance of the facilities, smoke sensors and early fire detection systems with a direct line to the local fire department are used to keep your data safe. Our specialized trusted server provider is certified by official German institutions and works for your data security 24 hours a day, 365 days a year.

In addition, our server provider is also dedicated to the environment, using only renewable energy sources.

 

Servers_with_lock

 

Content Data

Pidoco users create and share content all the time mostly in the form of prototypes. The measures described above apply to keep them safe and secure, too. Additional measures are designed specifically to keep your prototypes safe:

Your Prototypes

Your prototypes are backed up at least once every 24 hours, so your work will never get lost. Backups are encrypted and stored on redundant servers in different German cities, so we can restore data in the unlikely event that this becomes necessary. Consequently, any progress you have made on your work is always secured even if your own system shuts down.

Putting You In Control

At Pidoco, we save your work automatically and for peace of mind, we also let you save restore points for your projects as you prototype – so-called “versions” or “milestones”. To do so, just click on the Save button in the Toolbar. That way you can always go back to a previous version of your prototype if anything should happen. In addition, our daily backups create new milestones of prototypes you have edited that day, so you can jump back to these milestones as well.

Pidoco also provides you with options for downloading prototypes as HTML, PNG or SVG files to store on your local hard drive for times when you will be offline or as additional backup.

Collaboration

At Pidoco we make collaboration as secure as possible. When you share your prototypes (e.g. by clicking on the Envelope icon in the Toolbar) you decide who will gain access and what the invitee will be allowed to do. Your options for custom invites are: viewing the prototype, adding comments to it, viewing and administering it, or co-editing your prototype. Invitations are sent by email, so only the person whose email address you specify will receive the unique invitation URL to your prototype. Only people with this URL will be able to access your prototype. Invitation URLs can be deleted at any time if you decide to revoke access.

Special Requirements

If you have special requirements with regard to security and safety, we offer a range of solutions, including dedicated server and in-house systems. With the Pidoco Enterprise Edition, we can engineer solutions to suit your particular needs. Please email us at sales@pidoco.com if you would like to receive information on our Enterprise Edition.

 

Still have questions about our data protection systems? Comment below, or email us at service@pidoco.com.

 

Pidoco participates in Berlin Web Week

Every year in May Berlin gets digital hosting the largest European festival of the digital business and IT scene – the Berlin Web Week. Expecting more than 15,000 visitors this year, the 7th edition of this event will take place from May 5-10, 2014. The probably best-known events are re:publica 14, Europe’s largest conference on social media, and NEXT BERLIN 2014 presenting the latest trends of the digital scene. As always this year’s agenda is filled not only with conferences and conventions. There will be workshops, hackathons, bar camps as well as new exciting events.

tools Expo and Conference logo

Pidoco is one of the exhibitors at tools Expo and Conference in 2014

 

Pidoco at tools Expo + Conference

One of the notable events this year and taking place for the first time ever is tools Expo + Conference which will be held from May 7-8, 2014 at ExpoCenter City in Berlin (one of the Messe Berlin locations). This showroom will exhibit the latest web-based business applications and offer exciting workshops giving all visitors the opportunity to join practical tests and trainings and to benefit from mutual exchange of knowledge and ideas.

Pidoco is happy to be part of tools 2014 as exhibitor and will also host a workshop on prototyping on the first day of the event. We will present the latest version of our prototyping tool including new features soon to arrive at booth 15.2 in hall 18 in the ExpoCenter City.

Pidoco - The Rapid Prototyping Tool for Web and Mobile

Pidoco – The Rapid Prototyping Tool for Web and Mobile

The workshop “Rapid Prototyping & Usability Testing” will take place on Wednesday, May 7 at 11.40 am, and we invite everybody interested to join. In this 30 minute power testing workshop, we will show participants how to easily create interactive mobile prototypes, how to design a suitable test scenario and how to run a mini usability test to ensure market success. Email us at service@pidoco.com to get a free ticket (first come, first served) or buy your ticket here.

We are looking forward to seeing you at tools 2014!

 

Date: 7 and 8 May 2014
Location: ExpoCenter City Berlin
Directions: http://www.tools-berlin.de/en/Travel/HowToGetToTools/

 

We are giving away free tickets until 1 May 2014 (first come, first served)! Just email us at service@pidoco.com or write us on Twitter!

CeBIT raffle: Congratulations to our winners

Champagne_Showers_2_by_Merlin2525

The dice have fallen, luck has decided, the winners of the Pidoco CeBIT raffle have been determined! Every visitor at our CeBIT booth who left their contact with us participated in the raffle automatically. Whether they talked directly to us or just left their card in the box provided was of no significance, everybody had the chance of winning a 6-month Expert License for Pidoco’s Usability Suite.

Ten lucky winners have been informed of their wins via email and we congratulate them warmly. We hope you will enjoy using Pidoco.

Congratulations from the entire Pidoco Team!

If you were not among the lucky winners or missed us at CeBIT and would like to pre-trial the new features of our next release, email us at support@pidoco.com.

Security Announcement: OpenSSL security breach “Heartbleed“

Earlier this week security experts detected a significant security breach in some versions of the popular OpenSSL encryption software that is being used on about two thirds of all secure web sites. The bug is now commonly referred to as Heartbleed. It allows stealing the information normally protected by the SSL/TLS encryption used to secure the internet. Most significantly the breach compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content.

Source: Wikimedia Commons
Source: Wikimedia Commons

Pidoco’s counter measures

Pidoco has immediately reacted to the discovery of the security issue and fixed the problem. We updated our servers to a new and secure OpenSSL version on Tuesday, April 8, 2014 at 11:58 AM UTC and have replaced our existing SSL certificates with new and secure ones since.

In addition, although our internal audit produced no evidence of the Pidoco systems having been compromised, all active user sessions were terminated to minimize potential exposure.

We have also taken measures to directly inform all users who might have been affected. To find out if you have been affected, please check your email.

 

Who has been affected?

Since Pidoco had only just begun using the breached OpenSSL version on March 2, 2014, only Pidoco users who logged on to their Pidoco accounts between March 2, 2014 and April 11, 2014  may have been directly affected by the breach. To those users we strongly recommend following the instructions below. Since Pidoco follows best practices in using forward security only this time frame is relevant to the breach.

In case you did not log on to your account in the period stated above but use your Pidoco password for other web services as well, we also recommend to follow the instructions below, as your login data may have been compromised using another online service (e.g. online mail providers, social media platforms, etc.). You can check which websites are (still) using the breached version of OpenSSL here.

All our other users are not directly affected by the breach pertaining to their use of Pidoco services. For peace of mind you may still want to follow the instructions below.

 

Recommendations for affected users:

Change password

1. Log on to your Pidoco account and click on “My Account” in the upper right corner

How to navigate to "My Account"

2. Go to “My Profile”, type in your current password and your new password in the input fields provided, and click on save.

 

How to change your password

3. A message will appear confirming the change

If you use your Pidoco password for other web services, too, and have logged on to your Pidoco account between March 2, 2014 and April 11, 2014, we advise you to change the password for these services as well.

 

Our dedication to your data security

We are dedicated to keeping your data secure and safe. Please be ensured that we are taking appropriate measures towards this end. If you have any questions on the topics discussed in this blog post or on data security at Pidoco in general, please don’t hesitate to contact us via email (support@pidoco.com) or phone (+49 30 4881 6385). We will be happy to answer your questions.