 |
Products > CLD
> Security
|
|
 |
Many other legal operations management solution providers offer multitenant
applications that rely on an ASP or SaaS model, meaning all of the provider's
customers are hosted by the same application instance and all customers' data
is stored together within the same database. Only the application's own
internal security measures keep one customer from accessing another customer's data.
While this type of model can be beneficial for the delivery of other types of
enterprise applications, DataCert has found that our customers need greater
assurance that their stringent data security requirements are being met and
that sensitive data regarding corporate legal matters and spend is protected
by proven, industry-leading and third-party security technologies to ensure
unauthorized parties aren't able to access the data.
In contrast to our competitors, only the DataCert security model ensures that the
customer always has complete control over its legal matter and spend data, as outlined in the table below:
| Comparison of Security Models |
 |
|
 |
Dedicated application instance for each customer
|
|
Multi-tenanted – a single application instance for all customers
|
|
Each customer has its own application database protected by third-party security
technologies
|
|
Data for all customers is stored in a single application database protected by
internal application security only
|
|
Legal vendors never have access to the customer’s application – invoice data is
PKI- encrypted and submitted via ShareDoc, DataCert's secure invoice submission
portal, where it is stored only temporarily
|
|
Legal vendors directly submit invoice data to the ASP/SaaS provider where data
for all customers resides unencrypted and is permanently available
|
|
Confidential legal data stored behind the customer’s
corporate firewall or at a secure third-party hosting facility in a dedicated
application database
|
|
Confidential legal data for all customers resides
unencrypted with the ASP/SaaS provider and is permanently available in a shared
application database
|
|
The DataCert security model offers the flexibility to deploy
CLD behind the customer's corporate firewall or have DataCert host the
application for the customer. Either option offers unparalleled security.
Deployment Behind the Corporate Firewall
Many DataCert customers choose to deploy CLD behind their firewalls so
that they retain total control over the application and its databases.
- The application resides in the customer's controlled environment, is subject to all corporate security measures, and no unencrypted data passes outside of this secure zone
- The customer's own internal IT resources administer and maintain complete control over the application and its hardware
- Post-implementation, no one external to the company, including DataCert employees, has access to the customer's CLD databases, unless the customer provides access
DataCert Hosted Solution
For customers who wish to take advantage of benefits such as reduced
upfront and long-term IT costs, ease of implementation, and worry-free
maintenance, DataCert offers a secure hosted solution.
- The application is hosted in a highly-secure, fault tolerant environment at a top-tier hosting provider data center that meets SAS 70 audit and compliance requirements and is Safe Harbor-certified to ensure data privacy
- Each customer has a private VLAN (Virtual Local Area Network) with a dedicated application instance and database
- DataCert's hosting provider offers state-of-the-art facilities and security controls, redundant firewalls, network intrusion detection systems, regular penetration testing, and 24/7 management and monitoring
|
|
Print
