Security

At Snapdocs, we believe that robust security and exceptional user experience go hand in hand.

The Snapdocs security pledge

Snapdocs meets rigorous security and privacy standards, ensuring that our customers' data, processes, and outcomes are delivered in a safe environment. Despite increasingly sophisticated threats to cloud-based financial services, we ensure your data is protected. By integrating security and privacy into our product design, we enable seamless adoption of Snapdocs into your operations, allowing you to confidently adopt our products for your business operations.

Learn more about our approach to security 

Cyber resilience is just one part of Snapdocs’ broader approach to digital risk management. Our cyber resiliency program works not only to detect and respond to cyber-attacks, but also to recover quickly following an attack—helping our customers achieve their goals without interruptions.

The program consists of critical sub-programs designed to continuously manage deficiencies across Snapdocs’ operations, products, and security:

Incident Response
We continuously monitor our environment for anomalies and suspicious events. The Snapdocs Incident Response Program includes ongoing training, tabletop exercises, pen testing, vulnerability management, and threat intelligence. These elements come together to ensure the program has all the required touchpoints to address a potential incident and recover quickly. Incident responders handle end-to-end coordination with stakeholders for swift, deterministic notification, investigation, forensics, and close-out.

Vulnerability and Configuration Management
Our Vulnerability Management Program exceeds industry standards. Snapdocs takes a disciplined and pragmatic approach to identifying vulnerabilities that may affect the platform and performing rapid remediation and mitigation to reduce further exposure. The program maintains a network of recognized security penetration testers to continually evaluate the platform for vulnerabilities and identify potential threats. Integration between penetration testing and vulnerability management functions enables the rapid and focused remediation of critical issues to ensure the platform is secure.

Continuous Assessment
The cornerstone of a successful Cyber Resilience program is stress testing the environment to identify weaknesses and address them quickly. Snapdocs products and services undergo ongoing vulnerability assessment and penetration testing. A highly specialized team of researchers and penetration testers carries out test scenarios to identify areas of possible business risk. Any findings are addressed quickly. This continuous assessment helps earn our customers’ trust that Snapdocs’ Products and Services are resilient to cyber-attacks.

Business Continuity & Disaster Recovery
Snapdocs considers Business Continuity (BC) and Disaster Recovery (DR) critical elements of our business operations. Snapdocs’ BC/DR plans have three main elements: an Asset Business Impact Analysis, a Recovery Strategy, and Plan Considerations. Leveraging industry standard procedures, Snapdocs ensures that its BC/DR plans can successfully support our Cyber Resiliency program.

Adverse events—data breaches, natural disasters, technical issues, and human error—can disrupt customer operations. As a result, Snapdocs’ proactive BC/DR plans ensure our products and services stay up and running. Processes and procedures supporting BC/DR are tested regularly to ensure their effectiveness.

A Foundation of Industry-Recognized Standards 
Leveraging industry-recognized standards and regulatory controls forms the cornerstone of our security strategy. By aligning our security measures with widely acknowledged standards and best practices, we ensure that our cyber security is up-to-date and effective against a wide range of threats. This approach not only strengthens our defense but gives clients confidence that their data is protected by methods that have been vetted and approved by industry experts.

We continuously evaluate and integrate emerging security protocols, ensuring that our security posture evolves with the ever-changing threat landscape. This proactive stance allows us to stay ahead of potential vulnerabilities and provide our clients with state-of-the-art protection.

Balancing Security and Usability

We recognize that security should not come at the cost of usability. Snapdocs' security solutions are designed to work effectively without compromising the functionality of our products. 

Snapdocs integrates security measures seamlessly into our products, ensuring they operate in the background without disrupting workflows or creating unnecessary obstacles for users. This empowers our clients to focus on their core business activities with peace of mind, knowing that their data and systems are protected.

We've noticed a common misunderstanding when companies start using cloud services like Snapdocs. Some think they're automatically more secure, while others worry they're completely exposed due to the cloud's vast attack surface. The truth is that cloud security is a shared responsibility between a company and its service provider(s). 

As companies adopt platforms like Snapdocs, a significant portion of the responsibility for managing security shifts to the service provider. Not all, however. Both parties collaborate in managing access and securing data, applications, and infrastructure. 
 
Snapdocs products running on the Amazon Web Services (AWS) public cloud typically have three layers of shared responsibility: AWS, Snapdocs, and the Snapdocs Customer. Each entity is responsible for different layers given the nature of the public cloud, visibility, and access levels, as well as contractual obligations.

Ensuring our customers have a safe and secure experience

Data security

Snapdocs employs asset and data classification guidelines to ensure your security needs and priorities receive the right level of protection. Snapdocs protects your data by maintaining strict isolation between production and development environments. Depending on the product you're using, some level of control may be passed along to you based on the cloud security shared responsibility model. Security policies on multiple layers are applied to limit access to Snapdocs workforce members. Additionally, data is de-identified where needed and transmitted in encrypted form using Transport Layer Security (TLS). Encryption keys are then protected.

Product security

At Snapdocs, product security means safeguarding not just our applications and services, but the entire ecosystem that handles your sensitive data. We're committed to ensuring your information remains secure. To do this, the concept of “Security and Privacy by Design” is ingrained in our engineering practices. During the development process, our Secure Software Development Lifecycle (S-SDLC) framework serves to secure applications and services. Following S-SDLC empowers our Engineering Teams to:

  1. Apply the appropriate architecture and design
  2. Understand threats and choose the right controls for protection
  3. Conduct proper security testing
  4. Remediate vulnerabilities before production deployment

Infrastructure and platform security

Snapdocs employs industry-leading technical controls at both infrastructure and platform layers to ensure threat mitigation capabilities meet stringent requirements and are highly effective. We understand that isolating environments is key to reducing risk to customers. We leverage virtualization technologies at specific layers to ensure that application runtimes are separated from the operational and control elements in the network. This separation allows the user and application interactions to be monitored from the specific application instance and user, in and out of the internet, and through all the services. We regularly audit our network security posture and technologies to verify compliance with policies and technical standards. Snapdocs has also implemented penetration testing procedures to further validate the effectiveness of the applied controls.

Managing identity and access

At Snapdocs, our security starts with identity. We clearly define who or what can access our systems - whether it's people, applications, or data. We set strict rules for how these identities interact with our resources. This ensures that only the right entities can access specific information, keeping your data safe. Snapdocs applies this mindset to how we build our products, secure data, and manage customers. We support sophisticated mechanisms to prove identities, create roles across the ecosystem, and effectively authenticate and authorize access while privileged accounts are further contained and managed.

Encryption and key management

Reliable encryption ensures that data is secure at rest and in transit. Snapdocs encrypts at different layers based on the product, to ensure that data is exposed on a need-to-know basis. Snapdocs supports key management systems, and public and private key infrastructures for effectively protecting and managing keys and certificates. Application and service accounts are vaulted to further protect them from illegitimate access.

Endpoint security

End-user devices are protected by several layers of controls ensuring the work conducted via these devices is done safely and securely. Controls such as endpoint threat detection, mitigation and response, malicious website protection, and proper patching are maintained so that end-users have a safe experience. Similarly, cloud endpoints that support Snapdocs products are built using secure configurations, undergo effective vulnerability management, and are protected via cloud endpoint threat detection, mitigation, and response tools.