At SeamlessDocs, we are committed to handling all partner data securely. We hold our employees, partners and vendors to the highest standards of conduct and compliance.
We support password-based, SAML, and AD Authentication. Our API uses a key-based authentication mechanism. All user sessions are timed out automatically, and all authentication data is encrypted. All passwords are hashed and salted using industry-standard bcrypt.
We encrypt data in transit to users using a standard SSL/TLS certificate. This prevents attackers from intercepting user data. All user data is stored in a SOC 1 Type II, SOC 2 Type I, and ISO 27001 certified Amazon AWS Datacenter.
Our hosting provider Amazon Web Services (AWS) adheres to the strictest data protection certifications. Data copies are encrypted, and stored on Amazon RDS (Relational Database Service). All data is stored in the United States.
SeamlessDocs successfully completed its SOC 2 Type 1 examination, conducted by independent auditing agency A-Lign. SeamlessDocs systems have been confirmed to ensure the privacy, security, confidentiality, availability and processing integrity of all partner data. Upon request, we can provide a SOC 2 report and attestations of compliance.
Complete snapshots are made daily, and point-in-time restoration of data is generally possible to within 10 minutes.
We encrypt data at rest in both primary databases and all backup data snapshots using industry standard AES-256 encryption. This prevents access to user data by any attacker who might gain access to Amazon’s secured data centers.
We can sync with your existing Single Sign On (SSO) provider such as Active Directory for additional authentication security. We sync with all major SSO Providers.
We are constantly running checks to detect and prevent any potential intrusion attempts. In addition, third party platforms we use have all been verified to provide the highest level of security.
Through our Cloud Security Platform we are able to monitor and prevent suspicious activity before it becomes malicious. However, we do not collect any data on those files being monitored.
Our system is designed to regularly review data associated with log ins, such as geographic location, to ensure there are no anomalies regarding engagement with our networks.
SeamlessDocs is confirmed compliant with the Health Insurance Portability and Accountability Act (HIPAA)—the standard for sensitive patient data protection. This means that SeamlessDocs (employees, associates and subcontractors) have the physical, network, and process security measures in place to ensure the security of protected health information (PHI).