Product Security

——— Security Overview

Security is the most important focus of Evisort.

We designed our security from the ground up. Every line of code and every design choice is based on providing robust security to our users.

02 ——— Our Security Process

How do we ensure security of your data?

Cloud Security Management

Server Security Management

Network Security Management

Identity & Access Management

Employee Security Training

03 ——— Policies

Security & Privacy Policies

We have a formal corporate-wide privacy policy in place, reviewed by counsel. We do not store, or maintain, personally identifiable data or credit card information. Our security program is based on ISO 27001 standards.

A formal information Security is in place with regular review and updates on: Acceptable Use, Backup, Business Continuity, Data Classification, Email Use, Encryption, Incident Response, Information Security, Intellectual Property Rights, Network Access and Authentication, Outside Devices, Paper and Electronic Media, Passwords, Patch Management – Servers and Applications, Physical Security, Risk Assessment, Software Change Management, Software Development, and Third-Party Vendors.

04 ——— Certifications

Built for SOC 2

Evisort is currently undergoing preparation and assessment for SOC 2 Type I and Type II. All policies and security practices have been designed according to SOC 2 best practices and is monitored with automated monitoring.

05 ——— Vulnerability

Vulnerability Management

Evisort undergoes regular penetration testing by dis-interested third parties and continuous vulnerability monitoring to maintain the security of our solution. We’re continually scanning and testing our services internally, as well as contracting with external firms.

06 ——— Data Control

Data Control & Monitoring

Evisort has continuous monitoring in place, including network and host intrusion detection. We keep full audit logs and conduct vulnerability scans regularly.

07 ——— Hosting

Secure Amazon Web Services Hosting

Evisort is hosted on Amazon Web Services but can be made available for on-premise deployment for enterprise clients.

08 ——— Encryption

High Encryption Standards

Data is encrypted at rest and transit (AES-256).

09 ——— Access Levels

Customized Access Control

Evisort allows several different levels of user access privileges that can be controlled by user levels, including admins, read/write users, and read-only users. Admins can define which users have access to which documents.

10 ——— Vulnerability Testing

World-Wide Bounty Program

Evisort runs a world-wide bounty program where white-hat hackers are offered payment to discover vulnerabilities in Evisort’s system. The bounty program is one of many ways we stay ahead of known vulnerabilities and are proactive in security.

Security Is Our Thing. Contact Us.


Schedule an Evisort Demo

Experience the next generation of contract management for yourself and see why everyone from startup companies to the Fortune 100 are leaning on Evisort for their contract management needs!