Security and compliance
Smarsh maintains the highest commitment to the security of your data. Our data centers, including those of Azure, AWS and AWS GovCloud, are equipped with strong security controls. All of our data centers are fully redundant, with externally audited SSAE16 SOC 2 reports, floor-to-ceiling walls, key-card biometric readers, and 24-7 surveillance and security. Other features of our security and compliance offering include:
- Secure configuration using industry standard benchmarks
- Data encryption, both in transit and at rest
- Authentication, single sign-on and multi-factor identification
- Proactive performance and security monitoring, including vulnerability management and remediation
- Regular independent application and network security penetration testing
- Robust business continuity and disaster recovery programs, including periodic testing for effectiveness
There is no higher priority at Smarsh than the privacy of our customers' data. Unless legally required to do so, or directed by our customers, Smarsh does not share customer data with third parties. Factors relevant to our privacy stance include:
- Smarsh self-certifies to the EU-US Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework
- Clients have the ability to access and delete their data archived with Smarsh
- Personal data processed on behalf of clients is retained as long as it is required for the provision of services, or for the length of time requested by our clients
- Smarsh employs CIPP-trained privacy and security personnel
Stay up to date with the latest resources
Still have questions?
Talk to our team who will walk you through our partner models and the different options to fit your business.