Security Overview

Security is a top priority for us. We've taken application, data, document, and architecture security to the next level




Total Confidence.


Application Security


We are constantly developing, adding, and testing security features within the SigniFlow application
  • All communication between the customer and the SigniFlow Cloud is encrypted using industry standard 2048-bit TSL encryption, which rules out man-in-the-middle attacks and eavesdropping
  • Certified ethical hackers regularly carry out penetration testing on the SigniFlow Cloud, to port and penetration safety
  • Databases are encrypted using the latest SQL server encryption
  • SigniFlow server and user access is tightly managed, and two-factor authentication is applied for administrative access
  • Data backups are performed daily
  • The SigniFlow application is a modular design, catering for multiple deployment methods, with multiple layers of security
SigniFlow application security
Document security

Document Security


We take the storage and security of our customer data very seriously

  • The entire SigniFlow Cloud web application environment and databases are actively replicated with automatic failover
  • Offsite backups are run daily, to local and remote locations
  • Files in transit are compressed and encrypted using the Feistel Cipher and 20-bit password encryption
  • Compressed files are transferred to a remote server over an encrypted TLS tunnel to backup servers
  • Once the files are received on the backup servers, the transmitted hashes are compared on every file to ensure file integrity. If at any time a hash algorithm does not match, the file is destroyed and re-transmitted
  • Physical access to any SigniFlow environment is restricted and data is encrypted using the RSA Algorithm to ensure that, should any hardware ever be compromised, the data cannot be accessed
  • Remote access is controlled by RSA-2048 security keys that are issued by the host server

Architecture Security

The level and prevalence of cyber crime today cannot be underestimated.  We put an immense amount of energy into defending our systems, networks, and data from malicious attacks

  • A defensive approach approach to cyber security is just not good enough anymore, so we tackle it proactively, with a fully offensive approach.
  • Our systems are regularly subjected to harsh penetration testing
  • Testing is conducted by third-party security experts, to ensure we always remain alert and aware of the latest cyber attack schemes.

Architecture security
SigniFlow - products - document-generation-267

Protected Audits


SigniFlow is the only digital signature application that embeds and protects each signer’s audit events, using steganography and cryptography

  • This method ensures audit logs are fully compliant with  the most stringent of  measures for non-repudiation
  • Write-once-read-many (WORM) methodology is followed to write each time-stamped audit event as data bits, hidden in the graphic (electronic signature layer), using steganography. This is then cryptographically sealed by each digital signature event
  • The full audit log, linked to the unique document ID, can be retrieved by running the PDF through a steganography decoder

Signature Security

Image

Digital Certificates

SigniFlow digital signatures are created using digital X.509 certificates with built-in Private/Public Key Infrastructure (PKI) capabilities, which are verifiable using free Adobe Acrobat© visual-trust indicators.

signiFlow - Just for you

Long-Term Validation

SigniFlow supports long-term digital signatures. These are signatures with embedded timestamps and verification information, such as CRL and OCSP, to prove the time of signing and certificate validity at the time of signing.
Image

Tamper-Evident

When a user signs, we apply the latest security protocols, cryptographic algorithms and key lengths endorsed by governments and banks, to protect the content of the document and make every transaction tamper-evident.

PAdES Part 2

ISO 32000-1 original PDF Signature format. SigniFlow’s approval signatures have the embedded evidence information for Long-Term Validation (LTV) and trusted Timestamp Services.

PAdES Part 3

Our signatures are based on the EU Qualified Signature format (CAdES-EPES), which is the latest PDF signature format. This allows for policy information to be added to the digital signature, for identification of the policy rules for applying and verifying such signatures.

Disaster Recovery


In the unlikely event of a disaster - whether natural or human-induced - our disaster recovery tools, policies and procedures will ensure the retrieval and continuation of our vital systems and infrastructure. 

  • Our servers are segregated over multiple regions
  • Depending on the disaster region, we will divert traffic to a separate specified environment, and the affected server(s) will recover to a different designated failover location using our end-to-end backup and disaster recovery process
  • Depending on the incident at hand, there may be a variety of external parties that will be communicated with during the response
  • We have service-level agreements in place with all external parties to ensure that we can recover services as quickly as possible
SigniFlow - HR - Improve Process Flow

Certifications

International Best Practices

The race to zero emissions is on

24/7 Online support

We understand your office hours. SigniFlow offers 24/7 online support to all customers.

No matter where you are and no matter what time it is, we are always online to help you meet your deadlines.


SigniFlow 24/7 Support