The security of your data is our top priority

The security of your data is our top priority

Ensuring the privacy, integrity and security of our clients’ data is of paramount importance at Closd. That is why we chose to adopt a security-by-design approach from day one, that ensures that we diligently comply with the best practices in terms of coding, architecture and infrastructure security, with regular third-party security audits.

How are files and data secured?

All the files and data uploaded to Closd are encrypted with a strong military-grade AES-256 cipher, and access to the platform is invitation-only.

The connection between clients and Closd is encrypted through the industry standard TLS protocol to ensure data transmissions can’t be intercepted.

Closd also has security audits and penetration tests conducted every year by certified providers.

Where and how are files and data stored?

Our hosting provider, OVHcloud, is a top-tier worldwide cloud services provider. All data and files are exclusively hosted in the EU.

OVHcloud implements mitigation technologies to ensure optimal protection against DDoS attacks.

Our clients’ data is backed up on an hourly basis on storage drives that benefit from a live triple replication in order to prevent any data loss.

All data and files are wiped from our disks (with the exception of the signatories’ authentication data). Closd does not store any data without its clients’ approval, wiping all data from our disks after a project is finished.

How are users authenticated?

Access to Closd is by invitation only: Users are authenticated through their email address and a secure password. Our system detects and prevents concurrent logins from two separate sessions.

2-factor authentication or Single Sign-On can be implemented to further reinforce security at login.

For users that need to sign documents electronically, two additional layers of security contribute to guaranteeing the identity of the signatory:

  • An automated ID document verification is performed to cross check the user’s profile and detect traces of tampering with the document;
  • A one-time password is sent by SMS to the number that the user registered as their mobile phone.
10

Are users' actions recorded?

All user actions are recorded on an activity log that is accessible to System Administrators. This allows us to investigate any potential breach of issue within a project and to identify which accounts could potentially have been compromised.

Download our PDF on security

About us

Contact
Blog
Privacy policy
Legal notice

Contact

+33 (0)1.88.32.12.69
contact@closd.com

Copyright © 2020