Secure Development, Product Standards, & Hosted Offering

Adobe Acrobat Connect Pro employs a broad range of tools to maintain product security, service security and data privacy for secure web conferencing. The Adobe development process includes security training, internal security reviews and extensive testing. Connect Pro server uses industry standards for security. Connect Pro hosted service employs security measures and privacy certifications to ensure privacy and data protection.

Development

Adobe Acrobat Connect Pro utilizes the rigorous Adobe development process to maintain product security.

Security at Adobe

Adobe uses industry-leading secure software engineering practices and processes in building its products. Adobe products are trusted throughout the world to provide engaging experiences while meeting the security needs of organizations and individual users. Industry best practices are used for product development, quality engineering process organization.

Dedicated Adobe Security Team

Adobe has a team dedicated solely to making sure that its products are designed, engineered, and validated using security best practices. The Adobe Secure Software Engineering team has industry leading experience in building secure applications and is a core service provided to all Adobe product teams, independent of any specific business or product line.

Development Checks and Balances

The Adobe Secure Software Engineer provides feedback to the Connect Pro product at well-defined checkpoints in the development process for the following:

• Threat modeling is performed at the feature and product architecture level.
• Security design reviews are conducted for features.
• A security test plan is created, based on the threat model.
• Source code reviews and penetration testing are conducted as the product nears completion.
• A security readiness review is conducted as the product nears release.

Incident Response

Occasionally, third-party security vendors, partners, and/or Adobe internal teams may uncover a potential vulnerability that could expose organizations to undesirable security risk. When Adobe becomes aware of a potential security issue, Adobes Product Security Incident Response Team (PSIRT) coordinates with representatives from the product engineering team to identify an appropriate remediation, which often includes a patch or a simple workaround. It also includes well-defined mechanisms for communicating about potential security issues that minimize our customers risk exposure.

Product Standards

Adobe Acrobat Connect Pro conforms to a variety of security standards.

Flash technology

Adobe Acrobat Connect Pro meetings run on Adobe Flash platform. Adobe Flash is the most broadly distributed platform in the world and through the broad scrutiny of security-conscious industries such as financial services, life sciences and government the platform has been hardened to meet their needs for security and protection. Connect Pro leverages Flash TLS/SSL implementation, sandbox architecture, permissions, and security controls to help ensure the safety of users and data.

TLS/SSL

Adobe Acrobat Connect Pro is configurable to communicate exclusively using Transport Layer Security (TLS). This feature allows all communication between client and server to be encrypted, preventing unknown parties from viewing data.

Adobe Acrobat Connect Pro hosted security

The Adobe Acrobat Connect Pro hosted service employs additional measures beyond the product to ensure security of the environment.

Monthly security scans

Adobe Acrobat Connect Pro contracts an independent third party to scan Connect Pro hosted on a monthly basis to identify security risks. Risks identified are addressed through defined and documented processes to maintain the highest levels of security.

TRUSTe Certification

Adobe Acrobat Connect Pro is committed to customer privacy through the use of government and industry guidelines concerning the use of customers personal information. The Connect Pro hosted service maintains the TRUSTe certification as a demonstration of this commitment.

Safe Harbor Certification

Adobe Acrobat Connect Pro also ensures the privacy through Safe Harbor Certification. Connect Pro hosted complies with the Safe Harbor framework to comply with the EUs directive on data protection. The framework specifies that Adobe Acrobat Connect Pro complies with the seven safe harbor principals; among them include standards for information access, security, data integrity, and enforcement.