For nearly two decades NetDocuments has set the standard for world-class security, compliance, privacy, and availability for documents and emails. Our customers' digital assets are protected and encrypted in transit and at rest across private, redundant, federally regulated datacenters and patented technology.
Key Security Features
Files are encrypted in transit (SSL-128) and at rest (AES-256).
Files are randomly indexed across more than 1.7 million logical directories.
Patented envelope technology embedding permissions and ethical wall rules into an obfuscated digital envelope.
24x7 armed guards, perimeter defense, and video surveillance at all datacenters.
Two-factor authentication with RSA, SecurID or a digital certificate as well as Active Directory integration.
Separation of Duties
Segregated duties and access across hardware operators, O/S personnel, software engineers, and support staff.
Employee Background Checks
Employee checks are performed annually for financial, criminal, ID, and terrorism watch list background.
Dual redundant firewalls, network IPS, layer 7 IPS, DOS prevention, and penetration tests.
Access rights, permissions, and ethical walls based on users and groups.
Static and dynamic application scans, comprehensive logging, and adherence to programming best practices (OWASP Top Ten, etc).
VPN & Active Directory Controls
Prohibit removable media from accessing document storage, two-factor VPN access authentication.
Service Organization Controls (SOC)
Annual Type 2 SOC 2 and SOC 2+ audits based on standards set by the AICPA.
SEC and FINRA Compliance
SEC rule 17a and 204 compliant, including a third party downloader addendum and WORM storage capabilities.
Full compliance with the Health Insurance Portability and Accountability Act of 1996 for privacy, security, and breach notification rules for data storage.
In-Depth Security Overview
-- Alvin Tedjamulia
NetDocuments currently operates on six regional datacenters located in the US, UK, and Australia. The hardware is owned and managed by NetDocuments and the physical facilities are maintained by leading corporations who specialize in physical security, monitoring, redundancy of power, multi-factor authentication, and separation of duties to ensure the highest level of security and physical datacenter protection.
Documents managed by NetDocuments are treated as digital assets, which you as a customer always own and control. Privacy and encryption are achieved while contents are in transit or at rest through AES-256 and SSL-128 encryption. The NetDocuments service undergoes regular penetration testing, is SOC 2 Type 2 (SSAE-16) and SOC 2+ certified, and is HIPAA, SEC, and FINRA compliant.