——— Security Overview
Security is the most important focus of Evisort.
We designed our security from the ground up. Every line of code and every design choice is based on providing robust security to our users.
02 ——— Our Security Process
How do we ensure security of your data?
03 ——— Policies
Security & Privacy Policies
A formal information Security is in place with regular review and updates on: Acceptable Use, Backup, Business Continuity, Data Classification, Email Use, Encryption, Incident Response, Information Security, Intellectual Property Rights, Network Access and Authentication, Outside Devices, Paper and Electronic Media, Passwords, Patch Management – Servers and Applications, Physical Security, Risk Assessment, Software Change Management, Software Development, and Third-Party Vendors.
04 ——— Certifications
Built for SOC 2
Evisort is currently undergoing preparation and assessment for SOC 2 Type I and Type II. All policies and security practices have been designed according to SOC 2 best practices and is monitored with automated monitoring.
05 ——— Vulnerability
Evisort undergoes regular penetration testing by dis-interested third parties and continuous vulnerability monitoring to maintain the security of our solution. We’re continually scanning and testing our services internally, as well as contracting with external firms.
06 ——— Data Control
Data Control & Monitoring
Evisort has continuous monitoring in place, including network and host intrusion detection. We keep full audit logs and conduct vulnerability scans regularly.
07 ——— Hosting
Secure Amazon Web Services Hosting
Evisort is hosted on Amazon Web Services but can be made available for on-premise deployment for enterprise clients.
08 ——— Encryption
High Encryption Standards
Data is encrypted at rest and transit (AES-256).
09 ——— Access Levels
Customized Access Control
Evisort allows several different levels of user access privileges that can be controlled by user levels, including admins, read/write users, and read-only users. Admins can define which users have access to which documents.
10 ——— Vulnerability Testing
World-Wide Bounty Program
Evisort runs a world-wide bounty program where white-hat hackers are offered payment to discover vulnerabilities in Evisort’s system. The bounty program is one of many ways we stay ahead of known vulnerabilities and are proactive in security.