Provakil's
State-Of-The-Art Security
At Provakil, the security of your data is our top priority. We use the best-in-class technology while adopting industry best practices so that you can rest assured.
Setting the standard for legal software
Dedicated cybersecurity team
Our dedicated security team works round the clock to respond to security incidents, and solving them is the top priority for our cybersecurity team. We understand the sensitivity of the data running on our platform and ensure to secure it.
Cutting edge technology in cybersecurity
We continuously monitor for potential vulnerabilities. With continuous review and update of our code and systems configuration, we ensure your data is safe by adhering to industry best practices.
Standardizing employee security protocols
We have a strict policy and technical access controls that prohibit employee access to any personally identifiable information. Provakil is compliant with ISO 9001 (Global Quality Standard) and ISO 27001 (Security Management Controls)
Provakil is tested and certified as 'Secure'
Operating per GDPR legislation
Provakil is GDPR-compliant, meeting our requirements as both a data controller and data processor.
Cutting edge technology in cybersecurity
We continuously monitor for potential vulnerabilities. Regular review and update of our code and systems configuration ensure your data is protected by adhering to the industry best practices.
Secure cloud services
Provakil employs Amazon Web Services (AWS) and Google Cloud Platform (GCP) to host its cloud servers.
Both AWS and GCP are compliant with:
CSA (Cloud Security Alliance Controls),
ISO 9001 (Global Quality Standard), ISO 27001 (Security Management Controls),
ISO 27017 (Cloud Specific Controls), ISO 27018 (Personal Data Protection),
PCI DSS Level 1 (Payment Cards Standard),
SOC 1 (Audit Controls Report), SOC 2 (Security, Availability, and Confidentiality Report),
SOC 3 (General Controls Report)
Built with best practices, on state-of-the-art infrastructure
In-transit and at-rest encryption
Provakil uses 2048-bit key encryption for encrypting the communication between clients and Provakil servers. We regularly test our SSL/TLS configuration against the best practices using the SSL Server Test tool and ensure that our rating is greater than 'A.'
Automatic backups and redundant servers
All the data from the DB server and other internal services are backed up daily. Apart from these backups, we also maintain redundant servers in replicas for critical services like databases.
Built with data residency and on-premise deployment in mind
Provakil offers hosting options in different geographies around the world to address any data residency requirements. Provakil's hosting facilities are audited annually for security certifications (SOC 2 and ISO27001) to ensure they employ advanced physical security measures. Provakil also manages on-premise deployment on client servers.
Virtual Private Network for inter-server communication
All servers of Provakil are placed in a virtual private network to provide logical isolation from the internet at large. We use state-of-the-art, peer-reviewed technologies to achieve this, which protects Provakil's servers from Man-in-the-Middle attacks and other potential transport layer security vulnerabilities.
Implementing advanced product features and controls
Role-based permissions
This allows us to give selective access to functionality and data within the product to the different users of the team.
Session/Activity tracking
Provakil logs the IP address of every session for your account and actions taken by your users to help you monitor for suspicious activity.
Login safeguards
Provakil has an SSO with Google, Okta, Microsoft Active Directory, and Azure services to be able to leverage your organization's centralized identity provider into Provakil. Provakil will automatically lock your account for a while after too many failed login attempts.
Password policies
We use the battle-tested, industry-standard bcrypt algorithm to securely hash and salt the password before saving it in our database. Provakil also has provisions to consider password policies from client-specific regulations.
