Our unique single-tenant design offers greater security and puts you in control of your data.
Single-Tenant Architecture: To increase flexibility and maximize client data security, we’ve implemented a single-tenant architecture. With a single-tenant environment, each Merlin deployment is unique to a client, using dedicated encryption keys to protect all data at-rest, and ensuring that client data is never accessible by others. We also offer a range of additional security measures including customizable control over the environment, enhanced access restrictions and special monitoring.
We build our operations practices to meet or exceed applicable industry standards for privacy and data security both in the U.S. and around the world. To support that objective, all Merlin deployments are hosted in Amazon Web Services (AWS), one of the leading cloud infrastructure and services providers. Like many of the world’s leading cloud based software providers, we use AWS to provide infrastructure, networking and advanced security services. We then integrate security best practices into software design and data practices.
Encrypted End to End
Data is encrypted in transit and at rest to ensure maximum security using industry leading protocols including TLS and AES-256. This ensures that data is protected at all times on the Merlin platform and between Merlin and its users.
Requests to view a document must be accompanied by a time-limited Authorization Ticket before access is granted. This keeps users from improperly sharing files and hackers from traversing file servers.
Merlin provides granular Role-based Access Control (RBAC) in which every function in the Merlin software platform is available as a permission that can be assigned to a role. Administrators can limit available fields and actions.
Our site run in dedicated environments without data commingline. Each matter runs in separate database, search and storage servers that can be protected from inside and outside intervention.
We provide private fields and shared folders as standard issue. User groups get private tag sets and shared searches so they can work together while protecting group work products.
Extensive auditing and logging capabilities let administrators track each person's use of the site. Document views, tags, searches and other actions are tracked throughout.
DiscoveryPartner isn’t just hosted on AWS; it was meticulously engineered to leverage the cloud’s full potential, especially its extensive array of security features and services. This purposeful integration ensures that, while our users enjoy all the advantages of the cloud, they also benefit from an enhanced security environment that AWS uniquely offers
- Physical Security: AWS maintains highly-secure facilities which are locked-down and monitored at all times. We have decades of experience managing our own environments across private data centers and find AWS to be more secure for a number of reasons, including the fact that they are staffed with many of the best information security professionals in the world.
- Certifications: AWS has been providing infrastructure for government agencies and other large entities around the world for more than a decade. As a result, it needs to carry an extensive list of security certifications from multiple ISO badges to FedRAMP to PCI, HIPAA, SOC and dozens of others. AWS carries over 40 U.S and international audit certifications.
- Encryption: AWS simplifies the use of industry leading encryption technology for securing data in transit and at rest. Encryption ensures that data is only accessible by authorized identities and/or services regardless of the location of that data.
- Redundancy: AWS provides a highly available infrastructure spanning the entire globe. Each AWS region contains several availability zones made up of multiple distinct and highly secure data centers. Deployments on AWS can leverage these data center resources to maximize service availability in ways that couldn’t otherwise be reasonably achieved.
- Security Services: We take advantage of multiple services offered by AWS to protect client data to supplement our security practices. If you need extra security for your site, we can offer a wide range of special options to further strengthen the protections inherent in a single-tenant environment. Ultimately, you can take control of your complete site.
Our goal in developing DiscoveryPartner was to take advantage of all the security advantages offered in the AWS environment, taking it to the next level with our unique single-tenant architecture.