Documill View Service – Security Overview
We take ensuring our customers’ data privacy and security very seriously here at Documill. To keep your sensitive data protected, we apply multiple layers of strong encryption and secure authentication to your data both in transit and at rest, and security has been designed into every stage of the system, from the source documents to the previews served to end-users.
Access control and authentication
It is of utmost importance that all access to APIs and resources is properly authenticated, authorized and logged. The use of Documill View Service requires an active account and a valid API key. All API requests are authenticated by your unique API key and logged. Be sure not to reveal your API key to anyone else. If your API key gets compromised for any reason, contact us immediately.
End-users’ access to documents is controlled by the API user. End-users can only view a document if the API user has created a viewing session for it and shared the session id and/or URL with the end-user. The session id is randomly generated and very long, making it infeasible for anyone to guess. Together with the fact that the URL is served over HTTPS, this makes it possible to share documents securely, provided that the channel used to share the URL is itself secure.
Securing your data at rest
Documill View Service encrypts data at rest using AES-256 encryption. This encryption is part of our layered security solution and complements other security features such as SSL/TLS and Amazon S3’s Server-Side Encryption. The encryption keys are themselves stored encrypted in our database, so decrypting a document first requires decrypting that document-specific encryption key using Amazon KMS. More details about Amazon KMS can be found here, and cryptographic details here.
During processing, documents must be stored temporarily on the local file system of our servers. These servers use encrypted disks so that an attacker with physical access to the servers’ disks cannot read customer data from them.
We never store user passwords in plain text. Instead, each password is hashed with a random salt using bcrypt, and only the resulting hash is stored in the database.
Securing your data in transit
All data in transit to, from and within our service is encrypted with SSL/TLS wherever possible and applicable.
Documill View API is available only through HTTPS (https://view-api.documill.com/api/apidoc), so all requests to it and responses from it are protected by HTTPS (SSL/TLS) encryption.
When our service needs to download a source document from a URL provided by the API user, the document is transported from the source URL to our service using the protocol defined in the URL, i.e. HTTP or HTTPS. Please note carefully that if the source URL uses a non-encrypted protocol such as HTTP, the source document will be transported unencrypted through the network.
Document previews are served to end-users only through HTTPS (https://viewer.documill.com and https://view-assets.documill.com).
Together these features make it possible to maintain source document confidentiality.
Access to Documill offices is controlled with unique digital key cards assigned to Documill personnel. From within Documill offices, only selected personnel are allowed to remotely access the production setup of Documill View Service.
Documill View Service is hosted on Amazon AWS. For more information about Amazon AWS security, see here.
Documill View Service uses a distributed architecture in which different services, such as document processing and preview serving, are handled by separate servers. In addition to this separation of services, each service runs on multiple redundant servers across different availability zones, with automatic load balancing and constant monitoring, to keep the service available at all times.
Updates to Documill View Service are done in a controlled and predictable manner. Customers are notified beforehand if an update could cause a service interruption. Normally updates are rolled into the service so that service provision remains uninterrupted. Documill View Service uses separate development, staging and production environments for quality assurance and security.
We always strive to make our services even better, more secure and robust. If you feel that this document didn’t answer all your questions, please feel free to contact us.
Documill is an independent software vendor (ISV), established in 1997 and based in Espoo, Finland. Documill’s SaaS offering focuses on enterprise document processing (Microsoft Office and PDF) in the context of document discovery, automation and reuse.
Phone: +1 650 644 1360 (the US)
+358 50 408 1839 (Europe)