What you get and what makes us different to our competitors
Core & advanced features which ensure you get the most out of our signing software.
Our platform seamlessly integrates with most industry specific providers.
We have a flexible pricing model to suit anyone’s specific needs.
What you get and what makes us different to our competitors.
Frequently asked questions and solutions that might be relevant to you.
Plans for Small, Medium & Enterprise level businesses.
No setup fees & pay as you need notary features & add-ons.
Digital signing which integrates with most Recruitment ATS & CRM’s
Improve staff & client experience with digital signatures & notary.
Increasing compliance across life science & device businesses.
Solutions for state, federal, local, county & regional government.
Founded in 2010 to be a simple, smart, and secure signing platform.
ISO 27001 certified software which is backed by PKI Technology.
Technology which ensures non-forgeability & non-repudiation.
The latest Secured Signing company news and awards.
New & updated features and how to use them.
Updates about software we integrate with.
Blog articles, helpful tips and guides on digital signing & notary.
We have a flexible pricing model to suit anyone's specific needs.
Omnis iste natus error sit voluptatem accusantium doloremque
Omnis iste natus error sit voluptatem accusantium doloremque
Secured Signing continues partnership to integrate digital signatures within Bullhorn.
5 reasons government agencies and councils are adopting digital signatures.
New feature: Signing completion certificate.
Home // Posts // Digital Signatures & Secured Signing Security
Secured Signing web service uses Digital Signatures PKI technology for digitally signing documents.
Public Key Infrastructure (PKI) technology has been proven to be the ONLY technology available today that ensures non-forgeable signatures.
In a PKI system, you will get as a user, two keys: a public key and a private key. These keys are used for encrypting and decrypting information, digitally signing electronic information and verifying the authenticity of their owner. While the public key is distributed widely, the corresponding private key is held and encrypted in Secured Signing hardware (HSM) device and only the private key’s owner able to access and use it.
The EU Directive 1999/93/EC for Digital Signatures recognised and defined a stronger type of electronic signature, the Advanced Electronic Signature. Only Public Key Infrastructure (PKI) digital signatures meet the requirements for such signatures.
All communications with Secured signing are encrypted with SSL technology. Users authenticate with encrypted login and password.
Located in one of the most peaceful places on the planet (New Zealand) with:
The Payment Gateway we are using is fully certified as Visa AIS and MasterCard SDP (PCI-DSS) compliant at processor level; using an approved QSA for quarterly scans on systems and full on-site audits, annually. All sensitive information is encrypted with the 3DES protocol, with Hardware Security Module as Network Security Processors.
The privacy and protection of your data is something we take very seriously – which is why our security and privacy program is based on and aligned with industry-standard frameworks, and we maintain a comprehensive suite of certifications and attestations to further demonstrate our commitment to security and privacy.
Secured Signing is ISO/IEC 27001 certified and manages information security within a framework based on related standards such as ISO/IEC 27017 (Code of Practice for Information Security Controls Based on ISO/IEC 27001 for Cloud Services) and ISO/IEC 27018 (Protection of Personally Identifiable Information).
“Internationally recognized ISO/IEC 27001 is an excellent framework which helps organizations manage and protect their information assets so that they remain safe and secure. It helps you to continually review and refine the way you do this, not only for today, but also for the future.” – Learn more about ISO 27001 with BSI.
Information security policies: A policy framework is in place to provide management direction and support for information security in accordance with business requirements and relevant laws and regulations.
Organisation of information security: Secured Signing have established a management framework to initiate and control the implementation and operation of information security within the organisation. This framework considers and ensures the security of teleworking and use of mobile devices as per the Mobile Device and Teleworking Policy. The framework will also assess risks to projects and review of the types and confidentiality levels of information the project will utilise and manage.
Human Resource Security: Secured Signing have established processes and responsibilities relating to information security during the recruitment process, employment and separation. All employees receive security awareness training upon induction, and at least annually thereafter.
Asset Management: Information assets, including hardware, software and data have been identified and classified and an inventory of assets is maintained. Secured Signing classify and handle all information assets in accordance with the Information Classification Policy. Secured Signing and dispose of information in accordance with the Acceptable Use Policy.
Access Control: Methods and controls have been implemented to manage logical access to sensitive data to protect the confidentiality of information as well as integrity and availability requirements. Access requirements are assessed against Access Control Policy and Information Classification Policy. Access to Secured Signing information and systems must be:
Cryptography: Methods and controls for ensuring data are secured during transmission or storage through appropriate encryption processes. Includes methods and processes for managing keys, software and other artefacts.
Physical and environmental security: Appropriate physical controls protect information assets against loss, physical abuse, unauthorised access and environmental hazards. These include perimeter security controls, physical access controls, intruder detection controls, fire, and flood and power protection controls.
Operations security: Methods and controls are implemented that balance the need for IT Operations professionals to have privileged access to systems and networks with the requirement to maintain secure access and confidentiality of data. Management and operation of computers and networks shall be, commensurate with the business risk and value of the information assets. Access into networks will be granted on an individual user and application basis using authorised devices and secured pathways.
Communications security: Methods and controls are implemented to manage the secure transmission of information to ensure confidentiality of sensitive data and to minimise the risk of data loss or leakage. Systems and networks are segregated according to their respective information security risks and use appropriate control mechanisms such as firewalls/gateways, physical isolation and encryption.
System acquisition, development and maintenance: Information security controls for system acquisition, development and maintenance are specified in the Secure Development Policy and included as an integral part of the software development and implementation process.
Security requirements are identified prior to the development or procurement of new information systems, documented in business requirements, validated and tested prior to implementation, and regularly throughout the systems lifecycle.
Supplier relationships: Secured Signing have implemented security controls and processes to manage supplier access to information assets. Suppliers and vendors are be given access privileges only at the level required to deliver contracted services and contracts must comply with information security policies.
Information security incident management: Secured Signing apply a consistent and effective approach to the management of information security incidents. Procedures that define the course of action when a security incident is identified are documented and made available to all employees.
Information security aspects of business continuity management: The application of business continuity management minimises disruption to Secured Signing operations, defining the approach to resilience, disaster recovery and general contingency controls. Secured Signing have developed and periodically review and test Business Continuity Plans that support information security continuity.
Compliance: Secured Signing ensure compliance with all applicable legal and contractual obligations related to information security including taking reasonable steps are taken to monitor, review and audit information security effectiveness. This includes the assignment of security roles, maintenance of policies and processes and reporting of non-compliance. Secured Signing maintains formal processes in place to manage a data breach and the mandatory notifications that are required under relevant laws and specific customer contracts.
Find us on
Gal Thompson of Secured Signing talks about Spanish Language support for Signers
23 August 2023
Secured Signing – Release Notes
15 August 2023
Secured Signing Unveils Cutting-Edge, Digital Signature Technology at the NALA Conference & Expo, 2023
23 July 2023