Information Security & Data Privacy

Security and privacy of your data are responsibilities we take very seriously.

As a company founded by Information Security, Data Privacy and Digital Forensics Professionals, the TotalDiscovery platform is designed and architected with security at its core. Access controls, data separation, encryption, third-party testing and analysis, certifications, employee background checks and a strong security culture are all parts of what makes TotalDiscovery a secure and trusted system by many Global2000® and Fortune500® companies, government agencies, AmLaw200® firms, boutique & specialty law firms and legal service providers.

Data Privacy & Encryption

All data is secured and encrypted, both at rest and during transit. All encryption uses open-source encrypting mechanisms and has been designed and implemented by information system security experts.

  • All information is secured using 256bit AES encryption
  • Cryptographic Key Management is via a trusted PKI system
  • ISO/IEC 27001, NIST SP800-53 and certain DoD Security Directives standards maintained
  • HIPAA, PCI and PII aware and compliant systems
  • All data is stored in systems maintained by TotalDiscovery and housed in Tier 4 global hosting facilities
  • All data maintained within U.S. border
  • For international customers or projects, secure foreign data facilities available
  • TotalDiscovery systems and processes meet or exceed E.U. and Asia consumer data protection regulations
  • SSL/TLS used for securing data in transit
  • Use of well-accepted Certificate Authority
  • No key-sharing between production and development systems
  • TotalDiscovery corporate and operational systems segregated from customer production systems

Development Process & Change Control

TotalDiscovery has been designing and building tools and software for managing legal related information in a defensible and cost-effective way for over a decade. Part of that success is because of the software development process and strict change control process we follow.

  • Hybrid Agile development process
  • All TotalDiscovery developers are U.S. based and highly qualified with at least 5+ years of experience
  • Separate development and SDET teams and systems to ensure independent quality control
  • Iterative release cycle to ensure quick updates at a high quality
  • All new versions of TotalDiscovery technology are staged and tested before release
  • Strict and well documented issue tracking and resolution process

Auditing & Tracking

Because everything we do may find itself as evidence in a legal matter or as part of a legal process, it’s critical that all actions and tasks are audited and tracked. Thus any user action within the TotalDiscovery application and all TotalDiscovery personnel actions are monitored, tracked and logged for legal auditability purposes.

  • All systems and processes are audited annually as per IT standards (e.g., ISO, NIST)
  • All software development is performed and managed by TotalDiscovery employees in our Seattle office
  • All TotalDiscovery employees undergo strict background checks and are all US citizens or equivalent
  • Internal security audits and other process audits occur on a semi-annual basis
  • Formal reporting procedures used for incident tracking and escalation

Access Restriction & Control

Along with ensuring that data is kept private, it is important that all systems are secured from an access and control perspective. All TotalDiscovery systems, including the TotalDiscovery product, TotalDiscovery are tightly controlled in several ways to ensure only authorized access.

  • User/Role based user access management
  • All user access related information maintained in an encrypted database
  • Only authorized users can access their data
  • Customer approval required for TotalDiscovery employees/contractors to access data
  • Chain-of-custody and ACL maintained for all data access processes
  • Strong password policies enforced
  • System time-out enforced for idle browser sessions
  • Access to TotalDiscovery and other TotalDiscovery systems available via secure (HTTPS) browser sessions
  • Segregation of duties in-place to ensure hierarchical security paradigm
  • Documented security policy acceptance required as part of TotalDiscovery employment

System Availability & Data Backup

It’s critical that all data and systems are accessible at all times from anywhere around the globe. Thus TotalDiscovery has invested in the appropriate systems and processes to ensure high-availability to all customer data at all times.

  • All data is backed-up nightly and encrypted
  • Guaranteed 99.95% uptime of all systems and data
  • Hot/warm sites maintained for ensuring quick uptime after natural or other disasters
  • Backup and DR systems and processes tested on a frequent basis

Request a Live Demo of TotalDiscovery

Give us 15 minutes of your time to learn about the key benefits of using TotalDiscovery.

Request a Demo
TotalDiscovery Logo

Request a Demo of TotalDiscovery

We guarantee the privacy of your personal data.