Expand my Community achievements bar.

Come join us for our Coffee Break this WEDNESDAY on top takeaways from Adobe Summit!
RSVP Here

Hello - reaching out to our Workfront community to see if any customers have run into challenges in terms of the Workfront environment not meeting requirements for compliance storage (WORM regulations) If so, what solutions have you tried to store data?

Avatar

Level 2
Level 2
6/23/21 8:11:49 AM
 
Topics

Topics help categorize Community content and increase your ability to discover relevant content.

Compliance

Views

450

Replies

6
Sign in to like this content

Total Likes

Translate
Translate
6 Replies

Avatar

Level 9
Level 9
6/24/21 6:39:52 AM

Hey Natalie! This is a tricky question. One of the things we wanted to ensure when onbiarding WF is WORM compliance. The response from WF was 'sure! we can do that!'. However, the answer was related to WF being able to be customized to create compliance processes. It doesn't seem like it can support the needs for WORM compliance.

Another thing to note is that there is contractual language specific to NOT storing confidential information such as PII in WF.

In reviewing the contract and associated terms/conditions, I did find the following within Workfront’s security terms (https://www.workfront.com/workfront-security) in the Acceptable Use Policy.

This Customer Acceptable Use Policy (“AUP”) describes actions that are prohibited when Customer uses the SaaS Services. Workfront reserves the right to suspend Customers access to the SaaS Services as a result of any violation of this AUP by Customer or any of its personnel.

Customer agrees not to upload or otherwise transmit to or through the SaaS Services any of the following material or other content (“content”):

· content that infringes the intellectual property rights or other rights of third parties, including without limitation trademark rights, copyrights or rights of publicity or privacy;

· content that contains viruses, trojan horses, worms or any other malicious, harmful, or deleterious programs or code;

· content that is libelous or defamatory or otherwise malicious or harmful to any person or entity, or discriminatory based on race, sex, religion, nationality, disability, sexual orientation or age;

· content that promotes or enables any illegal activity; or

¬∑ personal financial information or medical information of any nature or any other non-public personally identifiable information that could be legally considered private or sensitive, including without limitation social security numbers, driver’s license numbers, birth dates, personal bank account numbers, passport or visa numbers, passwords, and credit card numbers.

All that being said - our team is looking to explore Box.com but we haven't gotten that far yet.

I think that's a long way of giving you way too much information but hopefully that helps!

Views

450

Replies

3
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
6/24/21 8:26:22 AM
In response to Christina_Jarosz

Very helpful! I appreciate you sharing this information and It's great to know other customer's struggle with the best solution as well.

Views

450

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 10
Level 10
6/24/21 10:29:55 AM
In response to Christina_Jarosz

Thank you Christina,

Selfishly, your callout that Workfront customers are precluded by Workfront's Customer Acceptable Use Policy (AUP) from storing personal financial information that is considered private or sensitive could be very helpful to Workfront's Partners: when asked by an existing client for assurance / restrictions / warrants etc. that we (as a Partner) will not retrieve / will or will not store / will protect etc. such information, going forward, I intend to respond by directing such clients to this AUP as evidence that it is the client's prerequisite onus that no such data exist within their Workfront environment, therefor negating such restrictions on us (as a Partner).

@Tom Crabb‚ I suspect other Partners might also be interested for similar reasons, invite you to relay this one to them, and (offline) would appreciate learning if they agree with my stance.

Regards,

Doug

Views

450

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 9
Level 9
6/24/21 11:24:56 AM
In response to Doug_Den_Hoed__AtAppStore

I think it can benefit someone.....but our purposes, it doesn't benefit us trying to build out our processes. :)

Views

450

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
6/24/21 8:13:33 AM

We struggle with this as well. Bookmarked so I can follow other responses. Thank you for posting this topic, Natalie.

Views

450

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Employee
Employee
6/28/21 12:11:26 PM

We had a good convo about this in the @Financial Services‚ group and a member of our product team suggested the following on this thread.

Brent said: "Workfront by itself will not meet the FINRA requirements from a WORM archival standpoint. However, with a Fusion integration you can definitely connect to a WORM compliant solution so you can satisfy this requirement. When at Charles Schwab, WF was used as the source of truth of content initiation as well as approvals and then a summary file was generated to house the approved assets, date and time stamp, approver, any comments associated with the assets and the products being featured inside of the piece of content. This was then archived inside of the official archival system of record which was integrated with Workfront. If you would like to speak more about this, please feel free to shoot me a note at rudewick@adobe.com and I can help you build something that will work with the regulators."

Views

450

Replies

0
Sign in to like this content

Total Likes

Translate
Translate