Get free guide 'Bypassing Legal The Secure Way: A Guide to Fighting Bureaucracy' and empower business teams to deal with simple legal tasks
Get my guide

AXDRAFT protects your data better than your bank does

Security tops the list of companies’ concerns when it comes to legal technology. 50% of legal experts claim that confidentiality is the key factor driving their decision-making when adopting new cloud software. Knowing that, we’ve made data protection a #1 priority at AXDRAFT. We value the trust of every client, and for that, we endlessly improve our platform security.

YOUR DATA IS SAFE WITH US
Soc-2 Type 1 certification
TLS 1.2+ and AES-256 data encryption
Cloud-based deployment

AXDRAFT’s baseline security

SOC-2 certification

This proves that AXDRAFT manages data under the security protocols, protects the interests, and guarantees data integrity to all clients. The main areas subject to the certification are Policies, Communications, Procedures, and Monitoring. To get certified, we needed to comply in all of these areas.

GDPR compliance

AXDRAFT operates in compliance with the PCI/PII standards in EU and GDPR which has gone into effect May 25th.

TLS 1.2+ and AES 256 data encryption

This protocol secures data transmission over the Internet. As a SaaS solution, AXDRAFT website connection is encrypted and authenticated using a strong protocol, key exchange, and cipher. Our databases, template files, and even the disks of our servers are stored in an encrypted state.

Cloud-based deployment

AXDRAFT is a Software-as-a-Service solution, which means it is deployed on third-party servers: US-hosted Google Cloud and AWS. We use backup servers across multiple locations to ensure AXDRAFT remains operational in case of local outages.

On-demand field-level database encryption

We offer encryption of confidential data in the database itself. Encryption keys are unique to each client and are stored exclusively on servers that encrypt information.

Secured communication and usage audit

WAll communication inside AXDRAFT is encrypted and is not distributed across any third-party services. AXDRAFT also maintains an audit of user actions to help identify unauthorized behavior.

Concerned about the ways AXDRAFT collects and stores your data?

Some of the steps AXDRAFT takes to maintain data security

Background checks

Background checks are performed on new hires before the new hire’s start date, as permitted by local laws. The results are reviewed by HR and appropriate action is taken if deemed necessary.

Security policies

AXDRAFT’s security policies outline requirements for securing the company’s operations, services, and systems.

Employee device security

All mobile and computing devices used by employees that connect to the internal network comply with the Asset Management Policies. Employees must encrypt their devices, and must not interfere or otherwise reduce the level of encryption on their devices.

Multi-factor authentication

All AXDRAFT employees must use multi-factor authentication to authenticate to corporate accounts whenever available. AXDRAFT provides two-factor authentication to its users to protect sensitive data.

Password protection

Employees must use a password manager to avoid insecure or shared passwords with accounts.

Internal control tool

AXDRAFT uses an automated tool that objectively and continuously monitors AXDRAFT’s control environment and alerts management when internal control and security issues arise.

Security training

AXDRAFT has established training programs for privacy and information security to help employees understand their obligations and responsibilities to comply with the Company’s security policies and procedures, including the identification and reporting of incidents. All full-time employees are required to regularly complete these trainings.

User access controls

Prior to issuing system credentials and granting system access, AXDRAFT registers and authorizes new internal and external users whose access is administered by the entity. For those users whose access is administered by AXDRAFT, user system credentials are removed when user access is no longer authorized. AXDRAFT authorizes access to information resources, including data and the systems that store or process customer data, based on the principle of least privilege.

Penetration testing

AXDRAFT engages third-parties to regularly conduct penetration tests of the production environment. Results are reviewed by management and findings are tracked to resolution.

Database backups

Backups are performed daily and retained in accordance with a pre-defined schedule in the Backup Policy.

Customer data policies

Company management has approved AXDRAFT policies that detail how customer data may be made accessible and should be handled. These policies are accessible to all employees and contractors.

Vendor management

AXDRAFT team collects and reviews the SOC reports (or equivalent) of its sub-service organizations and software vendors.

quote block background

Axdraft is very easy to use and produces documents quickly. It is entirely customizable, and customer support is extremely responsive. In our case it allows attorneys to be more productive and less reliant on the availability of a

Amy L.
Attorney & Managing Member
Law Practice
Got questions? Ask our security experts!
Please leave your work email. We will contact you as soon as possible to schedule a demo