Make sure your valuable digital assets are protected. We’ve engineered SmartVault from the ground up to deliver maximum security for all files you collaborate on internally and with clients. SmartVault is built with bank-level security and with compliance in mind.
Our team works hard to ensure that SmartVault’s single platform is the most secure way to confidently store and share your documents. We continually evaluate and seek to improve our security technology and procedures.
|Your Data is Secure While in Transit||All interactions with SmartVault occur over an encrypted channel. We employ SSL to protect your documents, passwords, and interactions with SmartVault from eavesdropping.|
|Your Data is Secure While at Rest||SmartVault encrypts your documents and all information stored in our databases at rest. The data is encrypted using AES-256. More details can be found in our Security FAQ.|
|How Your Data is Stored|
SmartVault is designed to allow access to documents via authenticated logins. In other words, documents stored in SmartVault are only accessible if you log into the service or share the documents with another individual that must log into the service. SmartVault employs an Activity Log that you can use to review:
SmartVault classifies the information you store in SmartVault into two categories: confidential data and sensitive data.Confidential Data
Confidential data includes the contents of documents, credit card account number, and password hashes. Confidential information is accessible by a limited number of SmartVault employees; however, SmartVault has processes and technologies which forbid access to that data without your express permission. Staff with this level of access are screened and trained on SmartVault’s security controls designed to protect your privacy. Auditing mechanisms are in place to detect any violation of this policy. SmartVault uses the Payment Card Industry (PCI) Data Security Standard (DSS) as an actionable framework to provide a robust security process. This standard is designed to protect credit card information; however, SmartVault employs this framework as a tool across all confidential information – including your documents. This framework provides us a security process that incorporates prevention, detection, and appropriate response to security incidents. The PCI Security Standards Council provides more information regarding PCI DSS.Sensitive Data
|Your Data is Securely Backed Up||Your documents and metadata are always stored using highly redundant replicated storage. Multiple copies of metadata and documents are stored in multiple geographical locations and backed up regularly to ensure data availability.|
|Compliance Requirements||Many of our customers face compliance pressure when it comes to managing sensitive customer information and documents. SmartVault’s security practices and Activity Log can support a document workflow that is complies with regulations like HIPAA, FINRA, SEC, and more.|
|Your Role in Protecting Your Assets|
Protecting your assets is a team effort between you and SmartVault, and we take this partnership very seriously. As such, we feel it is critical to help you do your part. Security is a tough balance between protection and efficiency. Just as military fortifications are very secure, they are hard to enter and exit. The additional procedures Protecting your assets is a team effort between you and SmartVault, and we take this partnership very seriously. As such, we feel it is critical to help you do your part. Security is a tough balance between protection and efficiency. Just as military fortifications are very secure, they are hard to enter and exit. The additional procedures that secure the facility effectively slow down operations within. That being said, we want to provide you guidance on measures that you can take to improve your protection, and still meet your business needs.
Here are some simple steps that every SmartVault user should employ:
Further, we encourage our customers to assess their own, individual data protection needs. For example, if you require additional data protection beyond what the SmartVault service provides, you can use third-party encryption systems to encrypt documents before storing them in SmartVault.
We take the responsibility of protecting your business’s sensitive documents very seriously. SmartVault is built with a security-first mindset, and we never compromise.
Your data is encrypted – which means it’s scrambled and unreadable – during transit and while at rest using AES-256. We employ Secure Socket Layer (SSL) to protect your documents, passwords, and interactions with SmartVault from eavesdropping.
You maintain control over which users have access to your data. Approved users must verify their identity via two-factor authentication (2FA) to access it. SmartVault users can also see exactly what’s happening, like who created, accessed, downloaded, and deleted documents.
Automatic data backup means you won’t lose anything to natural disasters, power failures, or human errors. Your documents and metadata are always stored using highly redundant replicated storage. Multiple copies of files are stored in multiple geographical locations and backed up regularly.
Protecting data isn’t just a best practice. For many, it’s the law. SmartVault supports compliance with most major worldwide regulations.Have more questions? Schedule time with a document management specialist.