Security is a critical aspect of document management and one of the top priorities of AODocs. This article describes the architecture and processes that AODocs has implemented to ensure the protection of our customers’ data.
Find out about:
Automatically generated table of contents
Infrastructure
AODocs runs entirely on Google Cloud Platform and in particular on Google App Engine, one of the most secure platforms-as-a-service on the market. Google App Engine features a number of certifications such as SOC2, SOC3, ISO 27001, ISO 27017, ISO 27018, FedRamp ATO and PCI DSS, which reflect the high level of security of this platform.
Learn more: Google Cloud Platform compliance
Customer data stored in AODocs benefits from Google App Engine’s security features, such as at rest encryption, the security of Google’s network and the physical security of its datacenter facilities. Data storage in Google App Engine is highly redundant, with automatic replication across multiple datacenters.
Learn more: Google Cloud datastore
AODocs also implements a “cloud only” policy for its internal IT: all internal applications run on the highly redundant public cloud to make sure our employees can work from anywhere. The loss of any one of our physical offices can't impact the continuity of our business operations.
Data transfer
All data transferred to and from AODocs is encrypted by industry standard protocols such as SSL/TLS. AODocs front-ends are managed by Google App Engine, which provides highly secured web servers that are regularly updated against any known vulnerabilities.
Because AODocs runs on the Google Cloud Platform, any data exchanged between AODocs and Google Drive and between AODocs and Google Cloud Storage is transferred via Google’s internal private network.
User authentication
Users accessing AODocs are authenticated either:
- by their Google Account, via the OAuth2 login flow
or
- via Google's Identity Platform, using the identity providers Microsoft or Google
Access permissions and roles in AODocs are set on Google Accounts or Microsoft accounts and Google Groups or Microsoft groups, while the access control on AODocs files in Google Drive is done by Google Drive itself.
AODocs does not store any passwords and never asks users for any passwords.
Segregation of customer data
AODocs is a multi-tenant SaaS application, where all customers are hosted on a single instance of the application.
Note: AODocs maintains completely separate environments for development, pre-production and production, so no customer data is ever used for software development and testing.
AODocs stores the following types of customer data:
- files attached to AODocs libraries
- AODocs-specific data such as custom document properties, the AODocs configuration, workflow status and audit logs
Files attached to AODocs libraries
The files attached to AODocs libraries are stored in either:
- each customer’s Google Drive domain, owned by AODocs storage accounts – the Google Drive files managed by AODocs are automatically segregated because they belong to each customer’s specific Google Drive domain
or
-
Google Cloud Storage, either in:
- one or more buckets created and managed by AODocs – the files are stored in dedicated storage buckets for each customer; bucket references are stored in the Google Cloud Datastore and therefore benefit from the same segregation as AODocs-specific data
- in a single bucket that customers create and manage on their own Google Cloud Storage – the Google Cloud Storage files are automatically segregated because they belong to each customer’s specific Google Cloud Storage
AODocs-specific data
AODocs-specific data are stored in the Google App Engine Datastore. This relies on a built-in multi-tenancy feature named 'namespace', which defines virtual “silos” within the AODocs database. Each customer is assigned a specific namespace (which is in fact the customer’s primary Google domain name), and the namespace separation is implemented at the lowest possible level of the application to maximize the isolation between data structures belonging to different customers.
Operational processes
AODocs is SOC2 certified, which means that AODocs internal processes for HR, support and operations are regularly assessed by an independent audit firm, which validates the compliance of our internal controls with the SOC2 framework. Our latest SOC2 audit report is available to our customers on request.
AODocs is also a Recommended for Google Workspace application, and as part of this program, is regularly audited by Google about the security of its application.
AODocs implements strict internal security policies controlling how employees handle confidential information and customer data in particular. These policies are reviewed at least annually, and employees receive periodic training on IT security.
Important: AODocs performs periodic penetration testing on its Web application, conducted by external firms, to detect any vulnerabilities.