Security & Compliance Features
Secured cloud provider
The application is hosted on Amazon Web Services (AWS). AWS data centers and services are highly secured and have many certifications like SOC 1, 2 and 3, ISO 27001 and 27018 and offer PCI and HIPAA compliance.
Encryption in Transit & at-rest
All the information travelling on the network is using TLS 1.2 and is protected by a 256-bits certificate. Information at-rest is also encrypted using a 256-bits Advanced Encryption Standard (AES).
backups, versioning, archiving
We are using soft deletion only, unless we receive a written request from a customer. Thus, you can always go back to a previous version of a document or retrieve a document that was inadvertently deleted. Never lose information again.
flexible & realtime permissions
We use a very granular permission approach that allows us, for any part of the system, to control who can read, write, create or delete information. You can also request custom permissions sets / groups to accommodate your needs. Also, all the permissions are refreshed and validated at every request, ensuring that permissions changes are applied in real time.
If you require every team in your organization to have it’s own independent account, we will be pleased to help you with that.
By default, your data is hosted in the United States. However, we can host your data in many other regions of the world if you have this requirement.
Our application is built exclusively on top of high-availability services, and the microservices approach ensures we do not have a single point of failure. We are also protected against DDOS attacks and the infrastructure is scaling automatically to accommodate higher workloads.
traceability & auditability
Everything that happens on our application is traced and sent to an audit log, both in terms of content changes than in terms of actions. It allows us to facilitate any audit that could be required by your internal or external audit team.
If you prefer to have a completely segregated environment that only your system administrators can access, we can accommodate that as well so you can benefit from all the advantages of being in the cloud while keeping a total control over your infrastructure and data repositories.
Even in the case of a disaster affecting our data centers, we are able to redeploy automatically in very little time in another data center, reducing downtime to minimum.