NeatCloud Security Overview
These policies serve to establish the data security practices for Customer Content maintained in NeatCloud to protect Customer Content from unauthorized access. We provide this overview so that you can better understand the policies we put in place to protect your information.
“Customer Content” means any information, data, images, metadata, documents, emails or other material that a customer elects to include in NeatCloud through any method of acquisition including emailing, scanning, mobile devices, or desktop application.
Customer Content in NeatCloud is secured in a number of ways.
All information (including user IDs, passwords, account information, and Customer Content) from all sources, including the Neat mobile app, browsers, emails, NeatScan®, Neat 5 (PC software), Neat for Mac software, or the NeatVerify® Data Center, is sent to and received from NeatCloud using 256-bit SSL (Secure Sockets Layer) encryption, the standard for secure Internet network connections. Customer Content retrieved from Dropbox, Google Docs or Evernote is also transmitted using this method. NeatCloud expanded search with Dropbox, Google Docs or Evernote is also encrypted using Secure Sockets Layer (SSL) encryption technology.
NeatCloud runs on an infrastructure with various layers of security. These include, but are not limited to: network firewalls and traffic monitoring, private key authentication, and role-based authentication.
All user authentication credentials are secured with an industry-standard one-way hash whose algorithm is adaptive in nature, providing a defense against brute-force password cracking. Other user authentication measures include password complexity requirements, automatic logout after a period of inactivity, account lockout after multiple incorrect password entries, and more.
All image content stored on behalf of customers is encrypted with a unique key using the 256-bit Advanced Encryption Standard (AES-256). This is the same encryption standard banks use to secure customer data. The entire encryption, key management, and decryption process is inspected and verified on a regular basis.
Access to Customer Content is protected by private key authentication, role-based access controls and limited network access. A NeatCloud user, once authenticated, may only access the Customer Content associated with the authenticated account.
Other Customer Content remains unencrypted when at rest for the following reasons: (1) the standard metadata fields available in NeatCloud do not include sensitive personal information such as social security number, bank information, medical or genetic information; (2) customers are advised not to create metadata fields that would contain sensitive personal information, the disclosure of which could lead to harm; and (3) the metadata is protected by other security measures, including limited access, passwords, firewalls, and authentication mechanisms.
System administrators with access to Customer Content are prohibited from accessing Customer Content unless absolutely necessary for performance of an official job duty.
Our hosting facilities provide the following additional qualities:
- Secure design principles
- Geographically distributed facilities
- Employee lifecycle and background checking
- Physical security
- Fire detection and suppression
- Power redundancy
- Climate and temperature control
- Configuration management
- Business continuity management
- Storage device decommissioning at the end of its useful life
- Identity and access management
- Network security
- Port scanning detection
Secure Back Up
In addition to securely storing Customer Content, Neat maintains redundant backups of all data over multiple geographic locations to prevent data loss.
Neat, NeatCloud, NeatVerify and the Neat logo are registered trademarks of The Neat Company, Inc. Other marks used herein are the property of their respective owners.