The ndSync desktop application contains a device-level circuit breaker that detects unusual activity in locally synchronized folders and stops the synchronization process before affected documents are uploaded to the Service. Permissions for the platform are designed around access controls and profile-based security. Access to content can be granted based on View, Edit, Sharing, and Administrative permissions, and these can be applied to document or profile attributes. This allows firms to restrict access to content based on the metadata associated with it, meaning that if you have data regarding a certain project, you can restrict access for all files within that workspace that are tagged with that project’s metadata attribute. With Security Analytics, NetDocuments provides information around downloads and activity so that firms don’t miss the opportunity to investigate potentially suspicious behavior. Security Analytics allows administrators to have an early alert if there is anomalous behavior (e.g., number of downloads) and identify potential risks before it’s too late. ABOUT NETDOCUMENTS TRUST SERVICES In addition to the security features listed above, NetDocuments Trust Services is a corpus of material available to customers that may be used to respond to client and regulatory audits or learn about and validate the security, availability, and privacy of the NetDocuments Service. The materials are regularly updated and made available by the NetDocuments Compliance Department. Customers have access to contents outlining NetDocuments policies and best practices and to material on the following NetDocuments certifications and attestations: ● SOC 2 Type 2 on Security, Availability, and Privacy, plus relevant HIPPA controls ● ISO 27001 ● ISO 27017 ● ISO 27018 ● ISO 27701 (for GDPR) NetDocuments also employs the following best practices in order to further protect your data: segregation of duties, defective media retention, removable media disablement, log isolation, third-party security scans, static/dynamic source code scans, regular vulnerability tests, etc. These best practices are detailed in the Trust Services as well.
9 |
Made with FlippingBook interactive PDF creator