World-Class Security & Compliance

For nearly two decades NetDocuments has set the standard for world-class security, compliance, privacy, and availability for documents and emails. Our customers' digital assets are protected and encrypted in transit and at rest across private, redundant, federally regulated datacenters and patented technology.

Key Security Features

Data Encryption

Data Encryption

Files are encrypted in transit (SSL-128) and at rest (AES-256).

Data Randomization

Data Randomization

Files are randomly indexed across more than 1.7 million logical directories.

Security Patent

Security Patent

Patented envelope technology embedding permissions and ethical wall rules into an obfuscated digital envelope.

Physical Security

Physical Security

24x7 armed guards, perimeter defense, and video surveillance at all datacenters.

Authentication

Authentication

Two-factor authentication with RSA, SecurID or a digital certificate as well as Active Directory integration.

Separation of Duties

Separation of Duties

Segregated duties and access across hardware operators, O/S personnel, software engineers, and support staff.

Employee Background Checks

Employee Background Checks

Employee checks are performed annually for financial, criminal, ID, and terrorism watch list background.

Network Security

Network Security

Dual redundant firewalls, network IPS, layer 7 IPS, DOS prevention, and penetration tests.

Advanced Permissions Management

Access Controls

Access rights, permissions, and ethical walls based on users and groups.

Application Security

Application Security

Static and dynamic application scans, comprehensive logging, and adherence to programming best practices (OWASP Top Ten, etc).

VPN & Active Directory Controls

VPN & Active Directory Controls

Prohibit removable media from accessing document storage, two-factor VPN access authentication.

Service Organization Controls (SOC)

Service Organization Controls (SOC)

Annual Type 2 SOC 2 and SOC 2+ audits based on standards set by the AICPA.

SEC and FINRA Compliance

SEC and FINRA Compliance

SEC rule 17a and 204 compliant, including a third party downloader addendum and WORM storage capabilities.

HIPAA Compliance

HIPAA Compliance

Full compliance with the Health Insurance Portability and Accountability Act of 1996 for privacy, security, and breach notification rules for data storage.

Physical Security

NetDocuments currently operates on six regional datacenters located in the US, UK, and Australia. The hardware is owned and managed by NetDocuments and the physical facilities are maintained by leading corporations who specialize in physical security, monitoring, redundancy of power, multi-factor authentication, and separation of duties to ensure the highest level of security and physical datacenter protection.

Digital Security

Documents managed by NetDocuments are treated as digital assets, which you as a customer always own and control. Privacy and encryption are achieved while contents are in transit or at rest through AES-256 and SSL-128 encryption. The NetDocuments service undergoes regular penetration testing, is SOC 2 Type 2 (SSAE-16) and SOC 2+ certified, and is HIPAA, SEC, and FINRA compliant.