How secure are my documents and data?
DocSend’s systems are annually audited for compliance with the requirements of SOC 2 Type 2 stipulated by the American Institute of Certified Public Accountants (AICPA).
The entire DocSend service uses HTTPS / SSL for securely transmitting encrypted data. Documents are transferred using expiring URLs and ensure that a viewer has a valid viewing key preventing any external, unauthorized transmission.
DocSend is built on top of the Heroku cloud application platform. Heroku’s physical infrastructure is hosted and managed within Amazon’s secure data centers and utilize the Amazon Web Service (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:
- ISO 27001
- SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
- PCI Level 1
- FISMA Moderate
- Sarbanes-Oxley (SOX)
In addition, DocSend has completed the rigorous security review process put in place by Salesforce as part of being listed on the Salesforce AppExchange.
Do DocSend employees have access to my documents and data?
Do third parties have access to my information?