Security is a top priority for us. We've taken application, data, document, and architecture security to the next level
- All communication between the customer and the SigniFlow Cloud is encrypted using industry standard 2048-bit TSL encryption, which rules out man-in-the-middle attacks and eavesdropping
- Certified ethical hackers regularly carry out penetration testing on the SigniFlow Cloud, to port and penetration safety
- Databases are encrypted using the latest SQL server encryption
- SigniFlow server and user access is tightly managed, and two-factor authentication is applied for administrative access
- Data backups are performed daily
- The SigniFlow application is a modular design, catering for multiple deployment methods, with multiple layers of security
We take the storage and security of our customer data very seriously
- The entire SigniFlow Cloud web application environment and databases are actively replicated with automatic failover
- Offsite backups are run daily, to local and remote locations
- Files in transit are compressed and encrypted using the Feistel Cipher and 20-bit password encryption
- Compressed files are transferred to a remote server over an encrypted TLS tunnel to backup servers
- Once the files are received on the backup servers, the transmitted hashes are compared on every file to ensure file integrity. If at any time a hash algorithm does not match, the file is destroyed and re-transmitted
- Physical access to any SigniFlow environment is restricted and data is encrypted using the RSA Algorithm to ensure that, should any hardware ever be compromised, the data cannot be accessed
- Remote access is controlled by RSA-2048 security keys that are issued by the host server
The level and prevalence of cyber crime today cannot be underestimated. We put an immense amount of energy into defending our systems, networks, and data from malicious attacks.
- A defensive approach approach to cyber security is just not good enough anymore, so we tackle it proactively, with a fully offensive approach.
- Our systems are regularly subjected to harsh penetration testing
- Testing is conducted by third-party security experts, to ensure we always remain alert and aware of the latest cyber attack schemes.
SigniFlow is the only digital signature application that embeds and protects each signer’s audit events, using steganography and cryptography
- This method ensures audit logs are fully compliant with the most stringent of measures for non-repudiation
- Write-once-read-many (WORM) methodology is followed to write each time-stamped audit event as data bits, hidden in the graphic (electronic signature layer), using steganography. This is then cryptographically sealed by each digital signature event
- The full audit log, linked to the unique document ID, can be retrieved by running the PDF through a steganography decoder
SigniFlow digital signatures are created using digital X.509 certificates with built-in Private/Public Key Infrastructure (PKI) capabilities, which are verifiable using free Adobe Acrobat© visual-trust indicators.
When a user signs, we apply the latest security protocols, cryptographic algorithms and key lengths endorsed by governments and banks, to protect the content of the document and make every transaction tamper-evident.
PAdES Part 2
PAdES Part 3
In the unlikely event of a disaster - whether natural or human-induced - our disaster recovery tools, policies and procedures will ensure the retrieval and continuation of our vital systems and infrastructure.
- Our servers are segregated over multiple regions
- Depending on the disaster region, we will divert traffic to a separate specified environment, and the affected server(s) will recover to a different designated failover location using our end-to-end backup and disaster recovery process
- Depending on the incident at hand, there may be a variety of external parties that will be communicated with during the response
- We have service-level agreements in place with all external parties to ensure that we can recover services as quickly as possible
International Best Practices
The race to zero emissions is on
24/7 Online support
We understand your office hours. SigniFlow offers 24/7 online support to all customers.
No matter where you are and no matter what time it is, we are always online to help you meet your deadlines.