Cloud Security in RelativityOne
We invest relentlessly in processes and technology that best protect your data.
Single and Multi-Factor Authentication
RelativityOne supports OpenID Connect and SAML2 protocols, two-factor authentication, and single sign-on.
Our threat intel platform continually monitors each RelativityOne instance for suspicious events. More than 200 intel feeds search for specialized indicators—logon events, new users, alerts from Azure, etc.—to distribute to endpoint protection, including next-generation firewalls, anti-malware, anti-spam, and EDR solutions.
Encryption At-Rest and In-Transit
High standards of cryptography ensure that all data in RelativityOne is encrypted at-rest and in-transit at every endpoint.
We adhere to a secure software development lifecycle to ensure that security is central to feature design. All our developers are required to take courses in security awareness and secure coding practices, and our security engineers are involved in every feature’s design and development. Secure development is our culture.
We perform regular and exhaustive internal and third-party penetration tests to identify and remediate software vulnerabilities before they can be exposed by malicious actors. With regular updates to your RelativityOne environment, your data is always secure.
Our security team collaborates with our engineers to ensure security is central to feature design. We’re vigilant in patching emerging vulnerabilities in any third-party infrastructure components, helping us maintain a 360-degree view and remediate weaknesses before they're exploited.
A customer lockbox prevents administrators (our teams included) from seeing your data unless you say so. RelativityOne also provides discrete user permissions so you can customize varying levels of security for users.
We can provide you with the ability to manage your RelativityOne environment’s encryption key for increased control of your data.
Shared Security Logs
If requested, we can provide the relevant security logs from your RelativityOne instance, so you can perform an independent security analysis and monitor your own environment.
We’ve built a robust protocol for all RelativityOne operations, including:
- Regular rotation of certificates, keys, and passwords
- Multi-factor authentication across all company systems
- Privileged access assigned on a need-to-know basis with the rationale recorded for monthly review
- Segregated environments for design, implementation, testing, and hosting
Our security team responds to critical alerts 24x7, identifying and remediating issues no matter when they pop up.
Culture of Security
Rest assured: We’re committed to making our everyday operations as secure as possible.
Secure Hiring and Training
All new employees pass background checks prior to starting, and we require role-based security training for every member of the team. Those supporting RelativityOne get a double dose of training, with an additional security recertification.
We have a stringent physical security policy that’s regularly reviewed and approved by a RelativityOne information security committee. All doorways require badged entry, and access to the office for RelativityOne operations is limited to the team supporting RelativityOne.
Want to learn more about RelativityOne?
Resources You Might Like:
Relativity Trust: Understanding Security in RelativityOne
Learn why a comprehensive security program is essential to protecting your data.
GDPR & Other Privacy Laws
Protecting personal and confidential data is fundamental to our business. Read our privacy policies.
Mission Update 2019: Security in RelativityOne
Cybersecurity is growing increasingly complicated. Learn how Relativity’s security team rises to the challenge.