Earlier this month, Ryan Asdenti, a Sales Executive of eOriginal, kicked off his Q&A Series and has since been answering common questions that come up during the sales process. Have a question you want answered? Ask Ryan by emailing marketing(at)eoriginal.com.
Today’s Question: Will My Financial Assets Be Safe? How Are My Financial Assets Secured Digitally?
Managing your business in the digital world can often seem daunting. While going digital provides a competitive advantage and cost-saving benefits, businesses still fear cyber security risks. Their solution? Keep everything “old school” or “the way business has always been done.” Unfortunately, that solution not only limits the company, but actually provides less security than new, robust digital solutions.
It is a common misconception that paper documents are safer than digital documents. Paper can be lost, damaged, misfiled, or – even worse – fall into the wrong hands. The digital management of assets provides proven security standards: enabling user access rules; audit trails throughout the lifecycle of the document; easy retrieval of documents pre- and post-execution; and no needed storage space.
Proven Security Standards
We understand that your financial assets are important to your business’s financial and legal health. As the paper era begins to sunset and the age of Digital Transaction Management (DTM) matures, digital transformation solutions have greater pressure than ever to provide secure and compliant solutions for the lifecycle management of documents.
We pride ourselves on our security features, treating every transaction within the eAsset® Management Platform as a critical asset that requires verifiable security, legal compliance, and enforceability. Our solution meets stringent and necessary standards to ensure that your information is never compromised. Not only do we believe that we maintain the best security standards, accredited service auditors agree. Just this week, we announced that we successfully completed the SSAE 16 SOC 1 Type 1 audit.
Participating in voluntary audits not only keeps our business honest, but it ensures that our controls and processes involved in storing, handling, and transmitting data securely. We regularly complete system penetration testing, application penetration testing and system vulnerability testing by accredited third party auditors.
We like to call this level of protection eCertainty®, providing you with a peace-of-mind that your assets are secure.
It Starts Before the Signature
Digital security begins at the signing ceremony, where we have developed web interface security settings for both the internal organization who is managing the document as well as the users accessing and executing the signing. User access security settings include, but are not limited to, encrypted communication using a 2048bit TLS certificate; signing that occurs on the server side; and multiple security option configurations for one-time signing users.
SaaS Security: eAsset® Management
Once the document is signed, we continue the secure management of the document through our eAsset Management Services, provided in our hosted Cloud service or On-Premise. For our Cloud service, also known as Software as a Service (SaaS), we have developed an infrastructure that features secure data backup that is encrypted and synched with a Disaster Database, 24/7 traffic monitoring, and secure encryption. We also utilize a SunGard SSAE-16 Secure Datacenter with 24/7/365 monitoring.
As part of our secure encryption, all documents and PPI information at rest within the documents are encrypted using AES 256 CBC encryption. All data within the database is fully encrypted on the disk using transparent database encryption (TDE). All backups encrypted with a separate key while being written to the offsite backup location.
Passwords are also securely maintained. All system password are salted and hashed before being stored in the database. The database is then securely backed up nightly in 15 minute increments and synced off-site to a back-up facility.
(Please note: the information presented above is available in more detail in our “eOriginal eCore® OnDemand (EOD) Policy Guide” that can be provided to you after executing an NDA with eOriginal, Inc.)