Security & Control
The manner in which the Rally Supply Chain Management Service supports content, system, and user security is critical. Using in-transit and at-rest encryption, content is always protected. Firewalled private SaaS and Virtual Private Cloud deployments isolate individual systems. Complete control of user rights is available through Single Sign-On.
Rally Content Security
Content within the Rally system is always encrypted while both at-rest and in-transit. Integration with external applications can further protect content through the use of watermarks, key-based access and virtual private networks.
Rally System Security
All SDVI Rally systems are deployed as a private SaaS within a virtual private cloud (VPC) with dedicated resources. All communication in and out of Rally is via secure HTTPS using Secure TLS. Connectivity can also be provided exclusively via VPN if required.
Rally User Security
Rally supports Single Sign-On authentication (SSO) via any SAML compliant identity provider. Engineering or Operations retains control of all user authentication and access, enabling direct connection to Active Directory or LDAP, and use of existing usernames and passwords.
Rally employs comprehensive RESTful APIs for the purpose of connection to systems. Rally also interfaces with many standard messaging buses for inter-system communication.