effacts is proud to provide enterprise-class security and data management services to businesses worldwide. Built on leading edge infrastructure and technologies, effacts is committed to keeping your confidential information as safe as possible.
We handle sensitive information for hundreds of organizations around the world. To do this, we employ multiple levels of data protection:
While it’s common for Software-as-a-Service (SaaS) providers to provide SSL-security connections, the truth is that most compromises start after your data is in the hands of a service provider. We have taken a leadership role in protecting our customers’ information. We took the time to build additional maintenance tools so that we can ensure customer data isn’t compromised.
effacts is the only smart repository for legal information that is ISO 27001:2013 certified as an information security management system (ISMS). This is the highest level of global information security assurance available today, and provides customers assurance that effacts meets stringent international standards on security.
We are committed to providing our customers with exceptional uptime and availability. You can trust that we are aligned with your availability expectations:
Our private cloud has been constructed with true real-time redundancy. With live data synchronization, every application and database server has an active failsafe unit ready to take over in the event of a disaster.
Reinforcing this real-time failsafe, on a nightly basis, customer databases are backed up in full, from the active failover server, ensuring backup processes do not disrupt access to customer data. Backups are shipped off-site over a dedicated fiber link to another secure location, ensuring that even in the event of a critical disaster, customer data is secure.
Our customers enjoy security controls such as fully guarded premises and physical access management that are economically unfeasible with typical in-house, on premise deployments. Dedicated around-the-clock availability and security monitoring provide added layers of assurance.
We use only SSAE 16 (SOC1)/ISAE 3402 Type II audited datacenters (supersedes SAS-70 compliance) to ensure our processes exceed industry best practices. The reports from these audits are available to our customers or auditors.
All the datacenters are locked and guarded, and can only be accessed by authorized personnel. Monitored closed circuit television systems and onsite security teams vigilantly protect the datacenters around the clock, while military grade pass card access and biometric finger scan units provide even further security.
The heating, ventilation, and air-conditioning (HVAC) systems have full particle filtering and humidity control. The climate within each of our datacenters is maintained according to ASHRAE Guidelines. This ensures your mission-critical dedicated server and hardware is functioning at its best.
The datacenters don’t rely solely on the local power grid to guarantee around-the-clock power. The onsite diesel-powered generators and uninterruptible power systems (UPS) deliver redundant power if a critical incident occurs, so that all operations are uninterrupted and your dedicated servers remain online. We regularly test our infrastructure to make sure it performs as designed in the event of an emergency. And we back it all up with our 99.9% Uptime SLA.
Privacy is part of our DNA. As part of our promise to you, we adhere to stringent international data management controls and policies to ensure 24x7 protection of your data.
Personal data is subject to the various local implementations of Directive 95/46/EC of the European Parliament and of the Council of October 24, 1995, replaced by the General Data Protection Regulation (GDPR), on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Under the terms of the directive, personal data includes any information about a living identifiable individual, including their name, address, phone number, email address and any other information about the individual.
Since its founding, effacts has made data safety and portability a key principle. Unlike many service providers, we provide every organization its own unique database with private connection credentials. This means that your data always remains secure. Further to this, our data portability commitment is clear: you own your data, and can take it with you at any time. As much as we’d hate to lose you as a customer, we will never hold your data hostage. You can easily export your data in a commonly accepted format, or make use of our various APIs to request data as needed.
We use a combination of background checks and confidentiality agreements to reduce the risk of personnel related security breaches. We also perform monitoring via a dedicated compliance team to make sure staff is operating in accordance with security and compliance guidelines.
effacts has a full audit logging of all user activity with self-service reporting. With these reports you can readily see who has access to what content as well as see access activity across all content managed by effacts.
The Network Operations Center (NOC) staff monitors the network 24x7x365, while our network engineers and facility staff are available at any time in the event of an emergency.
Outside of the core datacenter operations, we designed our physical office to eliminate any central on-premise servers, ensuring employees and guests have no direct access to customer data. Our employees are unable to access customer data without explicit permission in the course of delivering support services. When requesting support, either at the time of request submission or during the course of interaction with our team, customers have the opportunity to grant any necessary access rights—all such grants are tracked and visible to customers at any time.