Security in RelativityOne
We strive to make RelativityOne the most trusted and reliable cloud solution your organization will ever use. Security is integral to who we are—from our people and operations, to how we design the software and the foundation we build on.
How We Deliver
Security starts with people, from team member onboarding to ongoing secure-coding training.
It's Everyone’s Responsibility
Access and vulnerability management are always top of mind. Our information security program includes the entire company as well as developers of third-party software components. Protecting the confidentiality and integrity of your most sensitive information involves technical, administrative, and physical safeguards.
Our team is always watching for suspicious events in RelativityOne. A number of data sources—logs from servers, databases, and applications, load balancers, and more—trigger attention as needed. Logs are recorded through an aggregation process that is itself controlled through a tight access management protocol.
How We Engineer
We invest relentlessly in the processes and technology that best protect your data.
Security at Every Step
We adhere to a secure software development life cycle. Code is reviewed with security as a top priority before it’s checked in to our source repositories, and our penetration tests are recurring and rigorous.
Innovation and Security, Together
You'll always have the most secure version of the platform, not just the most feature-rich and performant. Our dedicated information security team collaborates with our engineers to ensure security is central to feature design, and we are vigilant in patching emerging vulnerabilities in any third-party infrastructure components.
Secure by Design
Data security has been essential to Relativity since the beginning, when our first administrative users set permissions with a level of granularity other e-discovery software couldn't provide.
Know Who Has Access to What
A customer lockbox feature prevents any administrator (our teams included) from seeing your data unless you explicitly grant access for support purposes.
Authentication on the Strictest Terms: Yours
Use RelativityOne’s built-in capabilities for user names and password structures, or hook into your own directory (or directories, such as yours and a client’s). RelativityOne supports OpenID Connect and SAML2 protocols, two-factor authentication, and single sign-on.
High standards of cryptography apply to all data in RelativityOne—within data centers and between RelativityOne operators, for data at rest as well as in transit, and at every endpoint.
Your Data in Its Own Space
Your RelativityOne environment is yours only. Customer data resides on dedicated instances on their own isolated network segments with credentials unique to each.
The security and integrity of your data depends on the strength of the architecture around it.
Exceptionally Credentialed Azure Data Centers
RelativityOne’s data centers are built on Microsoft Azure, which is compliant with ISO 27001, HIPAA, FedRAMP, SSAE-16 SOC 1 and SOC 2, ISO 27018, and dozens more industry certifications— it’s the most comprehensive compliance coverage from the industry leader in customer advocacy and privacy protection.
Committed to Compliance with RelativityOne
Our information security practices and operations for RelativityOne are ISO 27001 compliant, the global standard for managing information security risk.
Transparency Around System Health
See the current health of RelativityOne in the system's performance dashboard, which includes response times, infrastructure performance, recoverability and integrity, and uptime.