Document Security & Compliance: Are You Really Willing to Risk it?

September 3, 2012
Salt Lake City, UT

There is no shortage of subpar consumer services available to store documents and data. Should you, as a firm and practicing professional, be using these to store and access client documents and confidential information? The answer should be a resounding no. Performing a quick web search on data security breaches for many of the consumer services returns a staggering amount of posts, ranging from hacked accounts, to leaked passwords, to complete data loss. For over a decade, NetDocuments has been solving the document management security concerns for firms all over the world. Here are some key questions and answers to navigate the complexity of client data and confidentiality.

Q: Who owns and can access the documents in the system?

A: With many consumer services, the terms of use state that everything entered in the system is owned by the service provider and may be accessed without consent. This is unacceptable for those in professional services positions, legal, corporate, or financial services; with NetDocuments, the documents and data are always treated as digital assets which only the firm owns and has access to.

Q: Who manages the data?

A: With NetDocuments, the firm is the only entity who has access to the system and continues to manage their own data based on predefined security. The organization, users, user groups, retention policies, security controls and ethical walls are all designed by the firm administration.

Q: What security certifications are in place?

A: Unlike consumer services, NetDocuments is SSAE-16 SOC 2 certified (formerly SAS 70 Type II). This rigorous certification is a third party audit to ensure that company and datacenter protocols for data management are in place and enforced at both the primary (LexisNexis) and disaster recovery (Zions Bank) data centers. The datacenter structure and SSAE-16 certification allows NetDocuments to be SEC, FINRA, Truste EU, Safe Harbor, and HIPAA compliant as well. This extreme bank-level security has been architected from the ground up specifically for the legal industry.

Q: What is the service uptime and availability?

A: Since 1999, NetDocuments has had a 99.995% uptime. This means anytime, anywhere access and from any web enabled device. In addition to both data centers, NetDocuments' internal IT department has 24X7X365 monitoring in place to ensure performance is always maintained and maximized across the entire system.

Q: Can I lose a document?

A: No. Unlike the consumer services, NetDocuments uses patented technology for access and archiving each document in the system. Once created, the document receives a unique identification number, and is then replicated across the disaster recovery datacenter in addition to a shadow location on the user's workstation. The unique identifier and patented "envelope" technology wraps each document, making it unique across nearly 1 billion documents in the global system. The identifier allows for document retrieval and even enables the ability to restore the item in the event the user accidentally permanently deletes.

Q: Can an unauthorized person read my documents?

A: No. NetDocuments and the redundant data centers do not have access to the content of the documents. As digital assets, they are treated as the firm's property. The law firm has the sole ability to create security controls, user groups, and access rights on individual documents, folders, matters or organizing cabinets.

Q: Are documents encrypted while being transmitted? What about the data centers?

A: Yes. NetDocuments utilizes SSL (secured socket layer) and 256-AES for document encryption. Additionally, documents are encrypted while at rest in the datacenters, obfuscated and randomized across 1+ million directory nodes.

Q: What if I accidentally delete a document?

A: A tiered deletion structure and retention policies helps reduce the risk of inadvertently deleting a document. However, IF a document is accidentally deleted and then purged from the deleted items bin, the document can be restored or "rolled back" to a previous date, up to 30 days from the time it was permanently deleted.

Q: Can I keep my documents locally as well as in NetDocuments?

A: Yes. There is an optional Local Document Service which allows NetDocuments to replicate all data from the data centers to a server or other device sitting locally at your firm. While not necessary, this may offer an added peace of mind..

Security should always be at the forefront of technology priorities. It's time to switch to a robust document management system that has the experience, history, and knowledge to securely manage your firm and client data. As a professional managing sensitive client data, it's your duty to exert a "reasonable and competent" effort when selecting technology that potentially affects client information - NetDocuments is the solution, now used by over 150,000 people across the globe. Schedule your no-obligation free demo.