SECURITY AND COMPLIANCE

Security and governance, by design

Control is the default, not an add-on. Mandatory 2FA, row-level tenant isolation, role- and classification-based access, per-viewer watermarking, and a complete audit trail are built into the platform.

Security and compliance posture

Security and governance are first-class design principles

Architecture
A single Postgres database with row-level security on every tenant-scoped table. Server logic runs in isolated, auth-enforced edge functions.
Authentication
Mandatory TOTP two-factor authentication, with step-up auth on sensitive flows.
Encryption
TLS in transit. Sensitive at-rest values, for example saved signatures, are encrypted with a dedicated key separate from the database.
Document integrity
SHA-256, a platform RSA seal, and an embedded PAdES signature on executed documents, independently verifiable.
Audit
A comprehensive, exportable audit log of every meaningful action, with actor, entity, and context.
Records
Retention schedules, legal hold, and disposition enforced at the data layer.

DISCLOSURE
Controls are mappable to SOC 2 and NIST SP 800-171 control families (access control, audit, identification and authentication, media protection). The hosting boundary determines the compliance ceiling: CUI and CMMC Level 2 workloads require FedRAMP-equivalent hosting, for example GovCloud, and are out of scope on the standard cloud tier. The platform's controls are the building blocks, and the hosting is the gate.

Access and identity

Who can see what, enforced everywhere

Role- and attribute-based access, folder permissions, visibility scopes, and enterprise single sign-on with automated provisioning.

Security and access control
  • Row-level multi-tenant isolation
  • Mandatory TOTP two-factor authentication
  • RBAC plus ABAC with custom roles
  • Folder permissions and visibility scopes
  • Per-viewer watermarking, view-only files
  • Hardened password reset with TOTP step-up
Enterprise identity
  • SAML and OIDC single sign-on with JIT provisioning
  • SCIM automated user lifecycle
  • Group mapping per enterprise tenant

Put control and proof on every document.

We are glad to walk a security or procurement team through the controls and the hosting boundary.