Search
Close this search box.

Security

Our unique single-tenant design offers greater security and puts you in control of your data.

Single Tenant

We incorporate security into the very fabric of our software platform and engage leading industry experts to assess every aspect of our security architecture.

Single-Tenant Architecture: To increase flexibility and maximize client data security, we’ve implemented a single-tenant architecture. With a single-tenant environment, each Merlin deployment is unique to a client, using dedicated encryption keys to protect all data at-rest, and ensuring that client data is never accessible by others. We also offer a range of additional security measures including customizable control over the environment, enhanced access restrictions and special monitoring.

We build our operations practices to meet or exceed applicable industry standards for privacy and data security both in the U.S. and around the world. To support that objective, all Merlin deployments are hosted in  Amazon Web Services (AWS), one of the leading cloud infrastructure and services providers.  Like many of the world’s leading cloud based software providers, we use AWS to provide infrastructure, networking and advanced security services. We then integrate security best practices into software design and data practices.

Application security

We offer a host of security options designed to ensure control over your data access from upload to archive. In addition to cloud monitoring and active firewall management, we use these best practices to protect data from improper access:

Encrypted End to End

Data is encrypted in transit and at rest to ensure maximum security using industry leading protocols including TLS and AES-256. This ensures that data is protected at all times on the Merlin platform and between Merlin and its users.

Document Lockdown

Requests to view a document must be accompanied by a time-limited Authorization Ticket before access is granted. This keeps users from improperly sharing files and hackers from traversing file servers.

Permission-Based Roles

Merlin provides granular Role-based Access Control (RBAC) in which every function in the Merlin software platform is available as a permission that can be assigned to a role. Administrators can limit available fields and actions.

Single Tenant

Our site run in dedicated environments without data commingline. Each matter runs in separate database, search and storage servers that can be protected from inside and outside intervention.

Multi-Party

We provide private fields and shared folders as standard issue. User groups get private tag sets and shared searches so they can work together while protecting group work products.

Audit Logs

Extensive auditing and logging capabilities let administrators track each person's use of the site. Document views, tags, searches and other actions are tracked throughout.

Cloud security

Those new to the public cloud might have concerns about trading off security for the benefits of speed, scalability, and cost savings. However, the reality with DiscoveryPartner is quite the contrary. In our quest to build a robust platform, we chose Amazon Web Services (AWS) as our infrastructure partner, a decision underpinned by AWS’s pioneering role and leadership in secure public cloud services globally.
DiscoveryPartner isn’t just hosted on AWS; it was meticulously engineered to leverage the cloud’s full potential, especially its extensive array of security features and services. This purposeful integration ensures that, while our users enjoy all the advantages of the cloud, they also benefit from an enhanced security environment that AWS uniquely offers

Physical Security

  • Physical Security: AWS maintains highly-secure facilities which are locked-down and monitored at all times. We have decades of experience managing our own environments across private data centers and find AWS to be more secure for a number of reasons, including the fact that they are staffed with many of the best information security professionals in the world.
  • Certifications: AWS has been providing infrastructure for government agencies and other large entities around the world for more than a decade. As a result, it needs to carry an extensive list of security certifications from multiple ISO badges to FedRAMP to PCI, HIPAA, SOC and dozens of others.  AWS carries over 40 U.S and international audit certifications. 
  • Encryption: AWS simplifies the use of industry leading encryption technology for securing data in transit and at rest. Encryption ensures that data is only accessible by authorized identities and/or services regardless of the location of that data.
  • Redundancy: AWS provides a highly available infrastructure spanning the entire globe. Each AWS region contains several availability zones made up of multiple distinct and highly secure data centers. Deployments on AWS can leverage these data center resources to maximize service availability in ways that couldn’t otherwise be reasonably achieved.
  • Security Services: We take advantage of multiple services offered by AWS to protect client data to supplement our security practices.  If you need extra security for your site, we can offer a wide range of special options to further strengthen the protections inherent in a single-tenant environment. Ultimately, you can take control of your complete site.

Our goal in developing DiscoveryPartner was to take advantage of all the security advantages offered in the AWS environment, taking it to the next level with our unique single-tenant architecture.

Scroll to Top