EXTERNAL VALIDATION AND THIRD-PARTY CERTIFICATION

SOC 2 Type 2 Certified

Evisort is SOC 2 Type 2 certified and our system is equipped with automated monitoring. Your most sensitive data is in the safest and most secure environment

Penetration tested for vulnerability management

Twice a year Evisort undergoes regular penetration testing by disinterested third parties and continues vulnerability monitoring to maintain the security of our solution. We also continually scan and test our services internally, as well as contracting with external firms.

Trusted By The World’s Largest and Most Secure Organizations

HIGHEST INTERNAL MEASURES

Security and privacy policies

Evisort has a formal, corporate-wide privacy policy in place, reviewed by counsel. We do not store or maintain personally identifiable data or credit card information. Our security program is based on ISO 27001 standards.

A formal Information Security Policy is in place with regular review and updates on: acceptable use, backup, business continuity, data classification, email use, encryption, incident response, information security, intellectual property rights, network access and authentication, outside devices, paper and electronic media, passwords, patch management (servers and applications), physical security, risk assessment, software change management, software development, and third-party vendors.

Data control and monitoring

Evisort has continuous monitoring in place, including network and host intrusion detection. We keep full audit logs and conduct vulnerability scans regularly.

Secure web hosting services

Evisort is hosted on both Microsoft Azure as well as Amazon Web Service in a multi-tenant configuration with a Virtual Private Cloud (VPC) option.

High encryption standards

Data is encrypted at rest and in transit (AES-256).

Cloudflare Endpoint protection

All connections are monitored and secured through the industry-leading Cloudflare Endpoint protection, which monitors for, and helps prevent, malicious visitors.

Manage your users access

Customized access control

Evisort allows clients to create and manage different levels of user access privileges, such as admins and read-only users. Admins can also define which users have access to certain documents and folders.

Single sign-On

For enterprise customers, Evisort supports Single Sign-On (SSO) via SAML, the industry-leading standard for identity management and federated access control. With SSO enforced, our customers can use the same login credentials and security requirements that they apply across their enterprise for all their important applications, and streamline the user provisioning and de-provisioning process.

Manage your users access

Customized access control

Evisort allows clients to create and manage different levels of user access privileges, such as admins and read-only users. Admins can also define which users have access to certain documents and folders.

Single sign on

For enterprise customers, Evisort supports Single Sign-On (SSO) via SAML, the industry-leading standard for identity management and federated access control. With SSO enforced, our customers can use the same login credentials and security requirements that they apply across their enterprise for all their important applications, and streamline the user provisioning and de-provisioning process.

VULNERABILITY TESTING

World-wide bounty programs

Evisort runs a world-wide bounty program where white-hat hackers are offered payment to discover vulnerabilities in Evisort’s system. The bounty program is one of many ways we are proactive in our security efforts.

“The platform's upfront value is second to none. The speed and accuracy with which it uploads thousands of documents save us a lot of time. We can upload and fully index  8000 documents within hours”


Joshua Klein
Director of Information Technology