HIGH SECURITY AS STANDARD
Rest easy knowing ThoughtRiver’s security infrastructure and policies keep your contractual data secure at all times. From authentication to data protection, we've got your back.
ThoughtRiver is committed to keeping your data secure at all times. We are ISO27001 certified, which means we adhere to the international standards for information security governance.
Certificate Number 21188-ISMS-001
ENCRYPTED AT REST AND IN TRANSIT
Benefit from complete peace of mind with strict security policies protecting all your sensitive data.
All data is held encrypted at rest using strong encryption methods. Your contract documents and all data derived from them are completely segregated from any other customers’ data and encrypted with a unique encryption key specific to your account.
All data is encrypted in transit using TLS1.2 both for transmission across the internet and internally within our network. A web application firewall protects the services and data with all unnecessary ports blocked.
ALL DATA TYPES
All of the data resides within Azure data centers managed and secured by ThoughtRiver, in a single region which you can specify. We do not use external processors for your data. The optional email adapter additionally uses a Microsoft 365 account also managed and secured by ourselves to accept contracts emailed to us.
We use the secure Auth0 service to provide secure authentication, single-sign on and multi-factor authentication in order to protect the applications which access your data. To do this, only your users’ email addresses are passed to Auth0.
Our security operations center operates 24x7 to monitor the environment and intercept threats. We operate a coordinated incident management process with all of our customers.
Regular application and network penetration tests are performed, as well as vulnerability scanning.