Security is a critical aspect of document management. It's one of the top priorities of AODocs. This article explains how AODocs protects customer data through its architecture and processes.
Find out about:
Automatically generated table of contents
Infrastructure
AODocs runs entirely on Google Cloud Platform and in particular on Google App Engine. This is one of the most secure platforms-as-a-service on the market. Google App Engine holds many certifications. these include SOC2, SOC3, ISO 27001, ISO 27017, ISO 27018, FedRamp ATO, and PCI DSS. These certifications show the high level of security of this platform.
Learn more: Google Cloud Platform compliance
Customer data stored in AODocs benefits from Google App Engine’s security features. These include
- at rest encryption
- the security of Google’s network
- the physical security of its datacenter facilities
Data storage in Google App Engine is highly redundant, with automatic replication across multiple datacenters. Learn more: Google Cloud datastore.
AODocs has a “cloud only” policy for its internal IT. All internal applications run on the highly redundant public cloud. This means our employees can work from anywhere. The loss of any our physical offices can't impact the continuity of our business operations.
Data transfer
Industry standard protocols such as SSL/TLS encrypt all data sent to and from AODocs. AODocs front-ends are managed by Google App Engine. This provides highly secured web servers that are regularly updated to fix known vulnerabilities.
AODocs runs on the Google Cloud Platform. Any data exchanged between AODocs and Google Drive and between AODocs and Google Cloud Storage is transferred via Google’s internal private network.
User authentication
Users accessing AODocs are authenticated either:
- by their Google Account
- by their Microsoft account
- using an email by creating a password
In AODocs, access permissions and roles are set on Google Accounts or Microsoft accounts and Google Groups or Microsoft groups. The access control on AODocs files in Google Drive is done by Google Drive itself.
AODocs does not store any passwords and never asks users for any passwords.
Segregation of customer data
AODocs is a multi-tenant SaaS application, where all customers are hosted on a single instance of the application.
Note: AODocs has completely separate environments for development, pre-production and production. No customer data is ever used for software development and testing.
AODocs stores the following types of customer data:
- files attached to AODocs libraries - learn more: Where is my content stored?
- AODocs-specific data such as custom document properties, the AODocs configuration, workflow status, and audit logs