Security is our top priority
We focus on cybersecurity so you can have meaningful engagement with clients and grow your business.
Read our SOC case studySecurity features
SideDrawer is a SOC2 Type II certified secure document management platform used by businesses and professionals for thousands of their clients. We don't just use marketing lingo like "military grade encryption" or simply rely on the SOC2 certification of our vendors.
Our security approach extends beyond encryption to structure and processes, ensuring client data and privacy remain protected. Read more in our SOC2 press release here.
Encryption is Key
AES -256 bit Encryption– which essentially means all your data is scrambled, made unreadable and put in a secure key that is only decrypted when you need to access, transfer or give someone permission to view it.
Secure Traffic
Our Mobile and Web Applications communicate with our infrastructure over TLS 1.2 and 1.3 protocols that are industry-leading for the transfer of sensitive information.
Permission Settings
YOU always control your data, grant permission to "edit", "view only" or "no access to details" to your trusted advisors or loved ones. You can always see who has access to your documents and revoke permissions at any time.
Access Controls
Our infrastructure is entirely cloud based with access restrictions at every level. As an organization, we never access your data. Individuals in charge of encryption key management do not have access to the encrypted data and vice versa. Regardless, we can never see your actual data as only YOU hold the decryption key.
Audit Trail and Notifications
Every time your information is modified, there is a timestamp that lets you know who did what in your SideDrawer. You will always be aware of any changes made to your SideDrawer. If you notice something unusual, simply restore your previous version and revoke the corresponding access immediately!
Global privacy standards
At SideDrawer we believe in the right of privacy of individuals. Our systems are ready for compliance with global standards.
PIPEDA: Personal Information Protection and Electronic Documents Act (Canada)
You have the right of privacy regarding your personal information. You will always be in control of what information is collected, shared and disclosed with your trusted advisors and loved ones.
HIPAA: Health Insurance Portability and Accountability Act (USA)
All information stored in your SideDrawer is protected at all times. It is encrypted while in transit, it remains encrypted while stored in our Database and File Systems and it is only accessible by you and those that you authorized.
GDPR: General Data Protection Regulation (EU)
You have the right to know at all times what personal information is stored at SideDrawer, access such information and provide consent to SideDrawer to store your information.
Want to know more?
Want to learn more about what steps we've taken to protect your data? Email us at security@sidedrawer.com