Data encryption at rest and in transit
All data is held encrypted at rest using strong encryption methods. Your contract documents and all data derived from them are completely segregated from any other customers’ data and encrypted with a unique encryption key specific to your account.
Data is encrypted in transit using TLS1.2 both for transmission across the internet and internally within our network. A web application firewall protects the services and data with all unnecessary ports blocked.
Data sovereignty
All of the data resides within Azure data centers managed and secured by ThoughtRiver, in a single region which you can specify. We do not use external processors for your data.
Secure authentication
We use the secure Auth0 service to provide secure authentication, single-sign on and multi-factor authentication in order to protect the applications which access your data. To do this, only your users’ email addresses are passed to Auth0.
24x7 monitoring
Our security operations center operates 24x7 to monitor the environment and intercept threats. We operate a coordinated incident management process with all of our customers.
Security testing
We use the secure Auth0 service to provide secure authentication, single-sign on and multi-factor authentication in order to protect the applications which access your data. To do this, only your users’ email addresses are passed to Auth0.
"ThoughtRiver helps shorten review time without compromising high-quality standards. It also reduces operating expenses and gives general counsel offices greater ability to accurately budget legal costs."
Chanley Howell
Partner at Foley & Lardner LLP