Search
Login 800.380.7652 +1.408.717.4955 Blog Blog

Security Policy
Revision 2.1 (6/24/2017)

Summary

The ShareVault platform is used by enterprises to share sensitive information with third parties in a variety of applications including due diligence document review. The security of customer data is the top priority for our business, a priority that is reflected in the design of the ShareVault platform, ShareVault’s internal policies and procedures, as well as the choice of our data center partners. Security processes and technology are in place to assure the highest level data security, data availability / up time as well as the network security, application security and physical security measures.

Purpose

The purpose of this policy is to communicate the requirement that all business units and partners that support the customer experience at ShareVault must develop and maintain a vigilant security posture. This ensures that security management has all the necessary support and resources to maintain a successful security program protecting customer data.

Scope

This policy applies to all ShareVault business entities, support vendors and partners.

Policy

The development, implementation, and execution of Security Policies are the primary responsibility of all employees and business units.

Security Program

ShareVault shall maintain a security program lead by the Chief Information Security Officer and supported by senior executives. The security program is based on industry best practices and the ISO 27001 international security standards.

Secure Product

ShareVault shall maintain a secure development process with which we create and maintain the ShareVault platform. This includes specific standards for secure and trustworthy development, testing, and operations.

Employee Security

ShareVault shall maintain a trustworthy workforce by screening, training and equipping them with appropriate security skills, awareness, and tools.

Secure Environment

ShareVault shall maintain a safe work space and physical security for engineering and operations teams. Security extends to the computing infrastructure, networks, development systems, and administrative systems.

Risk Management

ShareVault shall maintain security by measuring risk and implementing security controls to mitigate risk to acceptable levels. Possible threats are monitored to assure security measures area adjusted to prevent them. Information systems are continually monitored to assure security controls are operating correctly and detect suspected security attacks or abuses. Security incident response teams shall be maintained in the ready to address issues and launch corrective measures. Systems are also periodically tested for vulnerabilities to preemptively protect the ShareVault platform and customer data.