iDox.ai takes security very seriously and aims to provide the industry’s most secure solutions to keep customer data and system safe.Security comes in many forms:
- Document Security to ensure that information within a contract is not compromised.
- Cyber Security to guard against and/or quickly deal with any security related problem associated with iDox.ai product.
- Cloud Security to ensure your data is safe over the internet.
iDox.ai allows contract authors to upload contracts and apply various security measures, including encryption, access control for sharing, privacy ownership.The ease of use and power of these features provided by iDox.ai allows both individual users and organizations to effectively keep their information private and confidential.
- 256-bit Advanced Encryption Standard (AES)
Access Control for sharing
iDox.ai users can easily share documents by applying passwords to documents to prevent unauthorized viewing.In addition, they can specify access control on documents to effectively prevent changes to the documents, restrict printing, or altering documents.
iDox.ai collects and processes your data for the entire process of your purchase or your subscription and your personal data will only be passed on to third-parties or otherwise transmitted if this is necessary for the purpose of contract execution or billing or if you have previously consented.The data transmitted in this way may only be used by our service providers to fulfill their task.Any other use of the information is not permitted to protect your privacy.
In addition to contract security, iDox.ai recognize that the web service itself can be a target of attacks, so we take our web security very seriously.As such, we have long adopted measures and processes that are leading industry best practices to ensure analysis process secure and have also introduced features and capabilities in the contract analytics service itself so that user data can be further protected in specialized situations.
Security Best Practices
iDox.ai solutions are developed under the supervision of an internal process that incorporate various industry best practices.These software engineering practices cover design, development, testing, and verification.We further simulate known attack vectors in automated environments, ensure security vulnerabilities are discovered and remediated immediately in the internal development process.In addition, we have a dedicated team of experienced security experts, whose have been assigned the exclusive responsibility of monitoring, troubleshooting, and verifying the execution of the entire process.
Cross-domain Attack Prevention
iDox.ai recognizes the inherent risks associated with cross-domain resource access, a provision in the PDF standard itself, but at time used be attackers to fetch malicious code fragments or other resources into a user’s system.As such, iDox.ai has disabled such access by default , and caution users not to enable such an option in their browsers.
Cloud services provided by iDox.ai enhance the capabilities and user experience of the iDox.ai End User Productivity solution.These services are constantly monitored for availability, performance, as well as security.
Data Center Security
All iDox.ai cloud services are managed by our trusted cloud service provider, Windows Azure Cloud Services (Azure), which is an ANSI tier-4 data center, and maintains verify strict controls around data center access, fault tolerance, environmental controls, and security.Only approved, authorized iDox.ai employees, cloud service provider employees, and contractors with a legitimate, documented business area are allowed access to the secure sites in multi zone, USA.
Data Encryption and Privacy
iDox.ai cloud services are designed with privacy and security as a high priority.All information transmission between the users and the iDox.ai cloud services are fully secured with 256-bit AES encryption over the HTTPS transport protocol.
iDox.ai employees and trusted vendors only access customer data to perform certain business and support functions, or as required by law.iDox.ai does not provide any government with direct or systematic access to customer data that we store.
iDox.ai builds product and service applications in a "safe by default" way.Through security control specifications in the early development cycle and automation, as well as continuous monitoring, we understand our security status through reports, dashboards and quarterly compliance reviews, and then take the initiative Prevent security risks and maintain the end-to-end security of our products and company infrastructure.