DocuSign Digital Transaction Management Capabilities and ... · is used during development or...
Transcript of DocuSign Digital Transaction Management Capabilities and ... · is used during development or...
DocuSignDigitalTransactionManagementCapabilitiesand
xDTMStandardV1.0Certification
IntroductionToday,DocuSignhasover225,000customersand85millionusers,whogeneratenearly950,000DigitalTransactionManagement(DTM)transactionsperday–andgrowing.
DocuSignisaleaderinDTM,bothasaglobalproviderofDTMsolutionsandasaparticipantinxDTM.org,across-industrystandardsorganizationthathelpscompaniesacceleratetheirtransitiontodigitaltransactionsandworkflows–safely,securely,andwithastrongreturnontheirinvestment.
DocuSigniscertifiedforthexDTMStandard,Version1.0,thefirstofitskindtofocusspecificallyonthequalityandreliabilityofdigitaltransactions.Inthiswhitepaper,DocuSign’scapabilities,policies,andtechnologiesarepresentedwithinthecontextoftheoftheeightrequirementareasofthexDTMStandard:
• Security• Assurance• Privacy• Validity
• Availability• Scalability• Interoperability• Universality
DocuSign’sDigitalTransactionManagementSolutionandthexDTMStandardWithDocuSign,youcanmakeanydecision,agreement,orapprovalprocess100-percentdigitalend-to-end.Youcanalsobeassuredthatyourdigitaltransactionswillbesafe,secure,andexecutedreliability,becauseDocuSignmeetsandexceedstherequirementssetforbythexDTMStandard.
SummaryofDocuSign’sAdherencetoxDTMStandardRequirements
Security: DocuSigndeliversworld-classsecurityandmeetsorexceedsU.S.andinternationalsecuritystandards.
Assurance: DocuSignwarrantsitscompliancetotheUSESIGNactandcomplieswithapplicablelaws,regulations,andindustrystandardsaroundtheworld.
Privacy: DocuSignbusinessandtechnologymeasuresensurecustomerprivacyandtheprotectionofproprietarycustomerinformationanddata.
Validity: TheDocuSignplatformprovidesanaudittrail,chainofcustody,tamper-evidentseals,andothermeasurestoassurethevalidityoftransactionsexecutedontheplatform.
Availability: DocuSignhasmaintainedmorethan99.99%averageavailabilityoverthepast5yearsanddoesn’tscheduleanydowntimemaintenance.
Scalability: DocuSignundertakesrobustcapacityplanningtoprovideresilientsystemperformanceandensurescalabilityforfuturegrowth
Universality: WithDocuSign,userscanconductbusinessgloballyviaanapportheirplatformofchoice–whilebothconnectedandoffline.
Interoperability: WithplatformAPIs,amobileSDK,out-of-the-boxintegrations,andarichpartnerecosystem,DocuSignintegrateswithachoiceofsolutions.
xDTMWhitePaper
TableofContentsSecurity.........................................................................................................................................................1
Assurance.....................................................................................................................................................8
Privacy........................................................................................................................................................10
Validity........................................................................................................................................................13
Availability..................................................................................................................................................16
Scalability....................................................................................................................................................19
Universality.................................................................................................................................................19
Interoperability...........................................................................................................................................21
xDTMWhitePaper
-1-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
SecurityDocuSigndeliversworld-classsecurityandmeetsorexceedsU.S.andinternationalsecuritystandards.DocuSignisISO/IEC27001:2013andxDTMcertified,aswellasSSAE16,SOC1Type2,SOC2Type2examinedandtestedacrosstheentirecompany.
Inparticular,DocuSign’sorganization-widecommitmenttosecurityisreflectedinthescopeofitsISO/IEC27001:2013compliance,whichincludesall114controls.
“TheInformationSecurityManagementofDocuSign’selectronicsignatureandenterprisesupportservices,includingProductDevelopment,Engineering,QualityAssurance,Operations,Security,BCP/DR,Legal,HumanResources,IT,CustomerService,andtheDatacenters,deliversasecureinfrastructureandresilientenvironment.ThisisinaccordancewiththeISO/IEC27001:2013StatementofApplicabilityvers.229/24/2014”(CertificateissuedbyBritishStandardsInstitute).
SecuritytechnologyatDocuSignspansencryption,systemmonitoring,penetrationtesting,environmentalsegmentation,datacentersecurity,robustauthenticationandencryptionkeymanagementpractices,andproactivemonitoringofpotentialsecuritythreats.DetailsonDocuSignsecuritytechnologyandpoliciesastheyrelatetoxDTMStandardrequirementsaredetailedbelow:
xDTMStandardRequirement HowDocuSignDeliversWorld-ClassSecurity1. Sensitivecustomerdata,
encryptedortokenizedatrestorintransit,adherestoreferablestandard,suchasNIST,ISO,orequivalent.
• NoDocuSignemployee,vendor,orcontractorhasaccessorvisibilityintocustomerdocumentswithinaDocuSignenvelope.ThisincludesenvelopesresidentontheDocuSignservice,aswellasenvelopesthecustomerhastransferredfromtheservice.
• DocuSignmaintainsanInformationClassificationPolicytoassurethesecurityandprotectionofproprietarycustomerinformationanddata.Thepolicydefinesclassifications–suchasSecret,Restricted,Internal,andPublic–thatspecifytherequiredsecurityandhandlingofdata.Forexample,customerdocumentsintheproductionenvironmentareclassifiedasSecretandprotectedthroughsystemicencryption,whilecustomerrecipientinformationutilizedtorouteenvelopesforsigningisclassifiedasRestricted,withaccesslimitedtocustomerservicestaffonly.
• Asnotedabove,onlytransactionaldatasurroundingenvelopesispermittedtobeaccessed–suchasusername,emailaddress,phonenumber,address,andenvelopemetadata–andislimitedtocustomervalidation,customerservice,support,andsimilarpurposes.OnlyDocuSignemployeeswithademonstratedneedtoknowandspecificjobresponsibilitiesmayhaveaccess.Asanadditionalsafeguard,DocuSigntier-1customersupportisISO27001:2013certified.
• DocuSignencryptsdataend-to-endonitssystemstoensurethatdataissecurewhilebothintransitandatrest.Intransit,DocuSignreliesonTLSprotocolsusingstrongciphersuites(including256-bitkeys).Fordataatrest,DocuSignutilizesAdvancedEncryptionStandard(AES)256-bitencryptionwithmultiplelayersofencryptionkeys.
• DocuSignstorestwoprimarykindsofinformationonbehalfofusers:
xDTMWhitePaper
-2-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
xDTMStandardRequirement HowDocuSignDeliversWorld-ClassSecurityo Transactionalmetadata(whosentwhat,when,andtowhom),storedinan
authenticatedSQLServeronanisolatedback-endnetwork(BEN)withTransportLayerSecurity(TLS)encryption
o CustomerdocumentsinsideDocuSignenvelopes,storedusingBinaryLargeObject(BLOB)withAES256-bitencryption.
• Duringreplication,dataisencryptedatAES256-bitencryptionwithmultiplelayersofencryptionkeysandisreplicatedviaprivatefibertosecuredatacenters,physicallysegregatedfromDocuSign'scorporatenetworks(seeSecurity:Section6).
PleaseseeFigure1:DocuSign’sNetworkArchitecture
2. Securesegmentationorcontainmentofdataisprovided.
• DocuSignmaintainsphysicallyandlogicallyseparatenetworksforitselectronicsignatureproductionserviceandcorporatebusinesssystems.AnyservicenotspecificallyallowedonDocuSign’snetworksisdisallowed,andnocustomerdataisusedduringdevelopmentortesting.
• Withintheproductionnetwork,DocuSignmaintainsaformalsecuresegmentationprogram.Separatemanagedenvironmentsexistfordevelopment,qualityassurance,pre-deploymentstaging,customerdevelopment,demonstration,andcustomerproduction.
• Thesecuresegmentationprogramincludesademilitarizedzone(DMZ)structurecomposedofapairoffirewallsseparatingtheproductionWebandapplicationhostsfromdirectInternetexposure.ItalsoincludesaninternalfirewallseparatingtheDMZserversfromdirectaccesstorelatedstoragedata.
• Thefront-endfirewallfilterstrafficthatentersadatacenter,andtrafficpassesthroughaback-endfirewallbeforereachingtheBENstorage.
• Aspartofitsmultitenantarchitecture,allenvelopeandencrypteddocumentdataiskeyedtoitsassociatedcustomeraccountusinguniqueaccountanduseridentifiers.
• Everysixmonths,DocuSignauthorizesathird-partyreviewofcorporateandproductionfirewalls.
• DocuSignmaintainsathird-partysecurityassessmentprogramandconductssecurityassessmentsagainstbusinesspartnersimportanttoDocuSign’sservice.
PleaseseeFigure1:DocuSign’sNetworkArchitecture
xDTMWhitePaper
-3-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
xDTMStandardRequirement HowDocuSignDeliversWorld-ClassSecurity
Figure1:DocuSignNetworkArchitecture–CustomerDataIsEncryptedatAllTimes
3. Standards-basedencryptionkeymanagementisoffered(ISO,NIST,orequivalent).
Standards-BasedEncryptionKeyManagement• DocuSignmaintainsanencryptionkeymanagementsystemthatiscertifiedand
examinedunderISO27001:2013,PCIDSS,andSSAE.
• Aqualifiedthird-partyauditfirmvalidatesandtestsDocuSign’skeymanagementmethodology,whichisreportedannuallyinDocuSign’sSSAE16report.
ComprehensiveTechnicalMeasuresforKeySecurity
• DocuSignBLOBsareencryptedusingarandomlyassigned256-bitkeyfromaDocuSignEncryptionKeyManager.
• Noonepersonmaintainsthefullencryptionkeytodecryptcustomerdata.
• KeysintheDocuSignEncryptionKeyManagerareprotectedbyaDatabaseMasterKeyandanOperationsMasterKey,bothofwhichmustbepresenttoaccessthedocumentencryptionkey.Thismethodologyresultsinadouble-blindencryptionkeyprocessasafurthersecuritymeasure(seeStrictSegregationofDutiesbelow).
• Thereare1,000activeencryptionkeysatanypointintime,withkeysrotatedquarterly.
• Keyrotationprocess:
o Apurpose-builttoolconsumeskeysfromboththedatabasecredentialsandtheOperationsMasterKeyonaquarterlybasis.
o Thesystemgenerates1,000newencryptionkeysandusesthemtoencryptallnewdocumentsthatenterthesystem.Allpreviouskeybatchesremaintodecryptexistingdocuments.
StrictSegregationofDuties
xDTMWhitePaper
-4-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
xDTMStandardRequirement HowDocuSignDeliversWorld-ClassSecurityDocuSignenforcessegregationofkeycustodianshipdutiestoensurecustomerdataremainssafe.
• Twodifferentteamsmanagethetwosetsofkeysthatmustbepresenttogethertoaccessthedocumentencryptionkey(OperationsMasterKeyandDatabaseMasterKey).
• Amemberofeachteamisrequiredinordertogainaccesstothedocumentencryptionkeys.ThetechnicaloperationsteamneverhasaccesstotheDatabaseMasterKey,andthedatabaseteamneverhasaccesstotheOperationsMasterKey.
• Asafurthersegregationmeasure,DocuSignpersonnelintrustedroleswithinthekeymanagementprocessdon’thavesystemaccounts.Theirroleislimitedtoonlyprovidingauthorizationsduringanemergencyevent.
PleaseseeFigure2:MultilayeredProtectionofEncryptionKeys
Figure2:Multi-layeredProtectionofEncryptionKeys
xDTMStandardRequirement HowDocuSignDeliversWorld-ClassSecurity4. Standards-basedencryption
keymanagementisoffered,includingtheabilityforcustomerstoholdencryptionkeys.
Forcustomerswhomayberequiredorchoosetodirectlymanagetheirencryptionkeys,DocuSignoffersaSecurityAppliance.
• TheDocuSignSecurityApplianceoffloadsthekeystorageandreleasepoliciesfromtheDocuSigncloudontoacustomer’sprivatenetwork,whilealsoallowingthemfulluseoftheDocuSignplatform.
• Thephysicalandlogicalseparationofcloud-baseddataandcustomer-retained
xDTMWhitePaper
-5-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
encryptionkeysisdesignedtoaddresscustomerscenarioswherethehighestlevelofsecurityisrequired.
TheDocuSignSecurityAppliancefollowscloudsecuritybestpracticesforhigh-securityimplementations,asrecommendedbytheCloudSecurityAlliance.
5. Thecompanyperformsperiodicpenetrationtestingbyqualifiedthirdparties.
• DocuSignisISO27001:2013certifiedandPCIDSScompliant,withannualpenetrationtestingconductedagainstboththeDocuSignapplicationanditsinfrastructurebycredentialed,industry-recognizedorganizations.
• Thetestingscopeincludesphasessuchasarchitecturalreview,securityassessment,andexecutionofattacksagainsttheDocuSignexternalandinternalnetworkinfrastructure.
• Penetrationtestingincludesvalidationofanti-tamperingcontrols.
Actionabletestfindingsbecomeinputsintoaremediationandresponseplan,wherethey’reassignedaseverityratingandtrackedtoclosure.
6. Standard-basedsecuritysystemsatdatacenters(ISOorequivalent)areutilized.
ComprehensiveStandards-BasedDataCenterSecurity• DocuSignusesdatacentersthatareISO27001:2013,PCIDSS,andSSAE16
certified.
• DocuSignmaintainsstrongphysical,environmental,andsecurityaccesscontrolsforitsdatacenters,andthesepoliciesareISO27001:2013,PCIDSS,andSSAE16certified.
• Datacentersemploymeasuressuchas7x24x365guards,mantraps,keyedaccesstoDocuSigncages,andCCTV.
StringentAccessControl• DatacenteraccessisauthorizedbyDocuSign’sdirectoroftechnicaloperations
andincludesnotificationtothesecuritymanagementteam.
• DocuSigntracksaccesstothedatacenter,withvisitorlogsrevieweddailyandkeptfor90days.
7. Multifactorauthenticationmethodsaredeployedanddocumented.
SecureAccesstoCriticalEnvironments• DocuSignemploysinternaltoolsandcontrolstomanageaccesstoapplications
containingorretrievingsensitiveorcriticaldatasources.ThisincludesinternalaccesstotheproductionenvironmentaswellasaccesstotheadministrativepaneloftheDocuSignservice,whichisusedbyDocuSignpersonneltoconfigurecustomerimplementations.
• Accessisrestrictedtodesignatedpersonnelandconnectivityutilizesatwo-factorauthorizedVPNtunnel.EncryptionisAES256-bit,andtwo-factorauthenticationutilizesActiveDirectorycredentialsplusasofttokenrequiringaPINandtokencode.
AuditingofUsers
• DocuSigncapturesandcorrelatesloggedeventsinreal-timefromsystemsanddevicestoboththeoperationsandsecurityteams.Examplesinclude:o Identityofpersonsaccessingthesystem;successful/unsuccessfullogin
attemptso Additions,deletions,andmodificationstouseraccounts/privilegeso SwitchingofIDsduringanonlinesessiono Attemptstoperformunauthorizedfunctionsoraccessdatathatis
unauthorized
xDTMWhitePaper
-6-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
o Sourceofconnectionandsystem-levelevents.• DocuSignmaintainsanauthorizationchainforemployeeaccessthatrequires
managementapprovalcommensuratetothesensitivityofapplicationsanddatasources.Accessisreviewedatleastquarterlytoverifythataccesslevelsareappropriate.
Inaninitialconfigurationandprovision,DocuSignstaffconfiguresomesecurity-relatedsettings,withcustomerpermission.Theadministrationinterfaceprovidesanauditlogofsettingsmadetotheaccountandbywhom,enablingcustomerstoseearecordofchanges.
8. ThexDTMsolutionmonitorsformaliciousandinappropriateactivityonanongoingbasis.
DocuSignimplementsadefense-in-depthapproachtohardeningtheproductionandcorporateenvironmentsagainstexposureandattack.Networkmanagementcontrolsinuseincludeanintrusiondetectionsystem(IDS),malwareprotections,andsystemmonitoring.
• Monitoringfrequency:Aqualifiedthird-partyperformsmonthlyinternalvulnerabilityscansandquarterlyapplicationscanning.
• Intrusiondetection:Productionsystemsareconfiguredtosendeventandlogdatatoasecurityinformationandeventmanagement(SIEM)systemwhereadedicatedteamcorrelatesandanalyzeseventsona24x7basis.
• Antivirus/anti-malware:DocuSignutilizesenterprise-classantivirus/anti-malwaresoftware.Endpointworkstationsandotherdevicesaremonitored,andnon-PDFdocumentsarescannedformaliciouscontentonconversiontoPDF.Antivirussignaturesareautomaticandperformeddaily.Usersarepreventedfromdisablingthesecontrolsoralteringtheirconfiguration.
Emailprotection:DocuSign’sproductionemailserviceutilizesbothDomainKeysIdentifiedMail(DKIM)forsigningoutboundemailandTLStoassurethatconfidentialcommunicationoccursoveranencryptedsession.
9. Theorganizationfocusesonintelligencecollection,leadingtosecuritybreachdetectionandprevention.
• DocuSignmaintainsprofessionalrelationshipsforsecuritynotificationswithorganizationsthatincludetheComputerEmergencyReadinessTeam(CERT),HighTechCrimeConsortium(HTCC),theInformationTechnology-InformationSharingandAnalysisCenter(IT-ISAC),andothers.
• DocuSignoperationsandsecurityoperationspersonnelsubscribetomultiplevendorandindustrysecurityadvisorymailinglists.
ThreatintelligenceismonitoredthroughouttheorganizationandaggregatedviaDocuSign’ssecuritycouncil.Whenathreat/riskisidentified,itspotentialimpactisassessedbythesecurityorganizationanddocumentedviathecompany’sriskregisterfortrackingandresolution.
10. Theorganizationprovidestheabilitytoanonymizedataforparticipationinthreatintelligencenetworks.
Duetosecurityconsiderations,additionalinformationregardingdataanonymizationmaybemadeavailableuponrequestorinresponsetospecificquestions.DocuSigndoesparticipateinthreatintelligencenetworksasmeansofhelpingtomitigatesecuritythreats.
11. Thecompanyemploysaresponsemodelthatadherestoapplicablelaws.
DocuSignmaintainsanISO27001:2013,PCIDSS,andSSAE16examinedandtestedincidentresponseprogramthatprovidesguidanceandprocedurestoenactintheeventofanincident.AComprehensiveResponseModel
• Theresponsepolicyclassifiesincidentsbytypeandseverity,setsthelikelyscopeofresponse,andassignsrolesandresponsibilities.
• Requirementsforincidentdetectionandreportingaredefined,andarangeof
xDTMWhitePaper
-7-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
specificcontainmentmeasuresareprescribed.
• Requiredresponsetimesaredefinedforincidentsbasedonnatureandseverity.
• Requirementsforevidencegatheringaredetailed,aswellaseradication/recoverymeasures.
NotificationProgram• DocuSignmaintainsadatabreachnotificationprogramtopromptlynotify
customersintheeventtheirinformationislostorexperiencesunauthorizedaccess.
DocuSignwillcontactcreditcardissuersintheeventofacompromiseorremovalofcardholderdata.
12. Thecompanyhasanincidentplaybookinplace.
DocuSignmaintainsandexecutesanincidentresponseplaybookspecializedtosecuritythreatsandevents.Itaddressesincidentsbothproactivelyandreactively,whennecessary.
• Thescopeoftheplaybookincludesguidanceandproceduresfordetection,containmentresponse,resolution,anditeration/improvement.
• Inputsareusedtodetectanomaliesoridentifypolicyviolationsandincludesecuritypolicies,legalandcomplianceviolations,andthreatandriskinformation.
• Guidanceincludesareassuchasdefiningthescopeofmonitoring,usecases,andtriggers/thresholdsformonitoringsystems.
• Aspartoftheresponseprocess,allsecurityincidentsareprioritizedbasedonimpactandurgency.Servicelevelagreementssetresponsetimesforallstakeholdersinvolvedintheincidentmanagementprocessandprovideanaccuratemeasureoforganizationalperformance.
• Afterresolution,incidentmanagementmetricsaretrackedandreportedtoensuretheprocessisperformingasexpectedandtofurtherfine-tunetheresponseprocess.
Toensuretheplaybookevolvestoincorporateupdatedregulationsandstandards,aswellasbestpractices,theprocessisreviewedsemi-annually.
13. Thecompanymaintainsamaturesecurity/riskcouncil.
• DocuSign’ssecuritycouncilmanagessecurityriskforDocuSign;addressesallareasofsecurityrisk,includingoperationalrisk,compliance,design,andlegal/contractualrisk;andratifiesthecompany’ssecuritypolicy.
• Thesecuritycouncilmaintainsauthorityforverifyingthatcomplianceismaintainedacrossidentifiedcontrolsandoverseesagovernance,risk,andcompliance(GRC)programfortheorganization.TheprogramassuresGRCacrossareas,suchas:
o Customerinformationsecurityo Securityoperationso Databreachnotificationo Businesscontinuityo Keymanagemento Securitychangeapprovalo Securityassessmentso Securesegmentationo Incidentresponseprogram
xDTMWhitePaper
-8-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
o Third-partysecurityassessmentprogram.• RiskstoDocuSignaremonitoredthroughouttheorganizationviasecurity
councilmeetings.Whenariskisidentified,therisklevelisassessedbythesecurityteamandaddedtotheriskregister.Theriskregister,includingmitigationstrategies,isreportedtothesecuritycouncilonaregularbasis.
• Toensureithasvisibilityandauthoritytomeetitsresponsibilities,thecouncilannuallyassessesthecompany’sorganizationalstructure,reportinglines,authorities,andresponsibilitiesaspartofongoingriskassessmentandmanagement.
Additionally,DocuSignhasadeputychiefriskofficer(CRO)whooverseesthechiefinformationsecurityofficer(CISO).Inadditiontodefiningsecuritystrategy,thedeputyCROperformsinanindependentauditandassessmentcapacity.
AssuranceDocuSignwarrantsitscompliancetotheUSESIGNactandcomplieswithapplicablelaws,regulations,andindustrystandardsaroundtheworld.DocuSignisdirectlycertifiedforISO27001:2103,PCI-DSS,andTRUSTe.TheDocuSignplatformcontainscapabilitiesthatenablecustomerstomeettheirrequiredcompliancetospecializedindustryregulations,suchasHIPAA,FDATitle21CFRPart11,andspecializedrulesfromtheFTCFHA,IRS,andFINRA.
Figure3:DocuSign–HighestandBroadestSetofStandards
xDTMStandardRequirement CertifiedtoLeadingGlobalStandards1. ThexDTMsolutionwill
complywithapplicablelaws,DocuSigncomplieswithapplicablelaws,regulations,andindustrystandardsaroundtheworldgoverningdigitaltransactionsandelectronicsignatures.
xDTMWhitePaper
-9-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
xDTMStandardRequirement CertifiedtoLeadingGlobalStandardsregulationsandindustrystandards.
EngineeredtoSupportaBreadthofLaws,Regulations,andIndustryStandardsTheDocuSignserviceeithercompliesdirectlywiththelawsandregulationsbelow,orhelpscustomersmeetrequirementsneededfortheirowncompliance:
• DocuSignwarrantstotheUSESIGNAct,EUlegislation(EuropeanRegulation910/2014),andtheUKElectronicCommunicationsAct.
• ISO27001:2013:DocuSigniscertifiedacrossall133controlsandistheonlyeSignaturecompanycertifiedasaninformationsecuritymanagementsystem(ISMS).
• SSAE16,SOC1Type2,SOC2Type2:DocuSigncomplieswiththereportingrequirementsstipulatedbythebytheAmericanInstituteofCertifiedPublicAccountants(AICPA),undergoesyearlyauditsacrossallaspectsofitsenterprisebusinessandproductionoperations,andhassustainedandsurpassedallrequirements.
• TRUSTe:DocuSigniscertifiedbyTRUSTe,andsecurelyandsafelyhandlescustomerdataasoutlinedinitsprivacypolicy(seePrivacy:section2).
• PCIDSS3.1:DocuSignisPCIcertifiedforsafeandsecurehandlingofcreditcardholderinformation;andwhilesmallercompaniesmayself-certify,DocuSignhasreachedathresholdoftransactionsthatrequiresathird-partyaudit,ensuringthedeepestlevelofexamination.
• HIPAA,FDATitle21CFRPart11:theDocuSignservicesupportstheeSignaturepracticesthathelporganizationsmeettheircompliancerequirementsfortheseregulations.
• DocuSigniscertifiedasSkyhighEnterprise-Ready™undertheSkyhighCloudTrust™program,whichevaluatessecuritycontrolsandenterprisereadinessbasedonCloudSecurityAlliance(CSA)criteria.
• DocuSignmeetsspecializedrulesfromtheFDA,FTC,FHA,IRS,FINRA,andothers.Detailedinformationcanbeprovidedonrequest.
ObtainsRequiredConsents
DocuSignobtainsrequiredcustomerconsenttodobusinesselectronically:
• Consentforbusinesstransactionsisachievedthroughstepsintheservice’sworkflow.
• ConsumerconsentisobtainedbytheDocuSignservicethroughtheuseofrequireddisclosuredocumentsandbyobtainingacustomer’saffirmativeconsenttouseelectronicrecordsforthetransaction.Thesolutionalsoenablesacustomertowithdrawconsent.
xDTMWhitePaper
-10-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
PrivacyDocuSigniscommittedtocustomerprivacyandtheprotectionofproprietaryinformationanddata,andemploysmeasuresacrossmultiplebusinessandtechnologyareas.WithDocuSign:
• Contractualprivacyprotectionsassureconfidentialityofcustomerinformationandprohibitemployeesfromviewingcustomerdocuments.
• Customerssettheirownprivacyanddocumentmanagementsettingsontheplatform.• Independent,externalorganizations,suchasTRUSTe,certifytheplatformaspartofthecompany’s
compliancewithglobalprivacyanddataprotectionregulations.
xDTMStandardRequirement HowDocuSignProtectsYourPrivacy1. Personaldataisusedforthe
purposeitwasintendedandisconsistentwiththeorganization’sprivacypolicy.
DocuSignmaintainsacomprehensiveprivacypolicyandiscommittedtotheprivacyprinciplesofnotice,choice,onwardtransfer,security,dataintegrity,access,andenforcement.
• DocuSignhasreceivedTRUSTe'sPrivacySeal,signifyingthatitsprivacypolicyandpracticeshavebeenreviewedforcompliancewiththeTRUSTeprogram.
• TRUSTereviewsDocuSign’sprivacypolicyannuallyacrossboththebusinessandproductionsite.
TransparencyinDataUsageThecollectionanduseofpersonaldatadescribedbelowisincludedinDocuSign’spubliclypostedprivacypolicy.
• PersonaldatacollectedbyDocuSignincludesuser-providedinformation,suchasname,emailaddresses,mailingaddress,andbillinginformation.Italsoincludestechnicalinformation,suchasIPaddress,locationinformation,deviceidentifiers,usagedatarelatedtohowauserinteractswiththeservice,andtransactionaldataassociatedwithcontractsuploadedorsignedontheDocuSignservice.
• PersonalinformationisusedfortheservicesoftheDocuSignplatform,thecreationofrecordsreflectingusers’transactions,identityverification,andfraudprevention.Thisappliestodatacollectedbytheservice,externallyfacingwebsites,orothermeansofdatacollection.
• Employeesareprohibitedfromviewingthecontentincustomerdocuments,andcustomersupportpersonnelarelimitedtoviewingonlydatathatdescribesdigitaltransactionsontheservice(seeSecurity:Section1).
• Inthecaseofamerger,acquisition,orsale,DocuSignwillnotifyusersofanychangesinhowpersonaldataisused,aswellasanychoicesusershaveregardingtheirinformation.
• ThirdpartiesthatprovideservicestoDocuSignarerequiredtoonlyusedatasharedwiththemfortheservicesthey’reprovidingtoDocuSign.
xDTMWhitePaper
-11-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
xDTMStandardRequirement HowDocuSignProtectsYourPrivacy2. Treatmentofnotice,
consent,andchoiceisclearlyreflectedinapubliclyavailable,writtenprivacypolicy.
DocuSign’spostsitsprivacypolicyonthecompany’spublic-facingwebsiteanddescribestheprivacypracticesofthecompany,includingnoticeandconsent.ClearNoticeonConsent,Choice,andNotifications
• Acustomer’suseofDocuSign’swebsitesormobileapplicationsconstitutesconsenttotheprivacypolicyandtothecollectionanduseofinformationdescribedinit.CustomersarerequestedtonotuseDocuSign’sservicesiftheydon’tagreetothepolicy.
• VisitorstoDocuSign’spublic-facingwebsitemayoptoutofreceivingtailoredadvertisingordatatracking.
• DocuSigndoessendemailsrelatedtocompletingsigningsorothertransactionsontheservice(requiredaspartoftheservicesundercustomercontracts).
• Inthecourseofatransaction,usersoftheDocuSignservicemayaccesspersonalinformationofotherparticipantsinatransaction.Thecompany’sprivacypolicyspecifiesthatthisinformationmayonlybeusedinconnectionwithDocuSign’sservicesandmaynotbeusedforunsolicitedcommercialmessages.
AdherencetoInternationalPrivacyConsiderations• DocuSignhasacorporatecommitmenttopursueBindingCorporateRules,a
bindingorganizationaldatagovernancepolicyframeworkreviewedandapprovedbyEuropeandataprotectionauthorities.
• DocuSignwillmakeadataprocessingaddendumtocustomersthatincorporatestheEuropeanCommission’smodelclauses.
3. Policiesaddressingtransactionretentionandpurgingareclearlystated.
CustomersSetTheirManagementPoliciesWithDocuSign,customerssettheirowndocumentmanagementpolicies.CustomersmaykeeptheirdocumentsonDocuSign’ssecureservers,downloadthem,orpurgethemfromtheDocuSignservice,attheirdiscretion.Retention
• MostcustomersleavesigneddocumentsintheDocuSignsystemindefinitelyasameanstoretainanindependentthirdpartythatcanwarrantthedocumentshavebeensecurelystoredandnotaltered.
• CustomersmayalsoutilizetheDocuSignConnectpublisherservicetotransfercopiesofsigneddocumentstodocumentrepositoriesbehindtheirownfirewall.
Deletion• Deleteddocumentsareremovedfromauser’sview,butarenotexplicitly
purgedasaresultofdeletingthem.Whenausermovesanenvelopeintothedeletedfolder,onlyapointertotheenvelopeisremoved.It’sonlywhennopointersareleft,thattheenvelopeanddocumentsarepurged(meaningtheenvelopenolongerresidesinanyDocuSignuserfolder).
Purging• Customerscanconfiguredocumentretentiontospecifythenumberofdaysto
retaindocuments(measuredfromthedatetheenvelopeiscompleted,voided,ordeclined).Oncethepurgedateforanenvelopearrives,it’sputintothepurge
xDTMWhitePaper
-12-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
xDTMStandardRequirement HowDocuSignProtectsYourPrivacyqueueandpurgedfromthesystem14dayslater.
• Notificationemailsaresenttoboththesenderandrecipientsasanenvelopeentersthepurgequeue.
• EnvelopesandthedocumentsthatarepurgedfromDocuSignarepermanentlyremoved.
• WhiletheDocuSignservicewillremoveadocumentfromthesystem,itwillmaintaintheauditlogtovouchfortheexecutionhistoryofthedocuments.
4. Privateinformationisonlyprovidedtogovernmentorganizationswhenthereisagoodfaithbeliefthatsuchdisclosureisreasonablynecessarytocomplywithanyapplicablesubpoenaorotherlegalprocess,ortoprotecttherights,property,orsafetyofanyone.
DocuSignhasapolicyofprovidingnoticetoitscustomerswhenthere’sanexternalrequestforinformationabouttheiraccounts,suchaslawenforcement.DocuSign’spubliclypostedpolicy,“RespondingtoUserDataRequests,”detailshowthecompanyrespondstorequests,whatinformationDocuSignmayprovide,andthecircumstanceswhereitworkswithlawenforcement.
5. Companypoliciesincludemeasurestoevaluatethepotentialtocauseharmbyreleasingprivatedata.
DocuSignmaintainsmultiplepoliciesandmeasuresforevaluatingthepotentialharmfromareleaseofprivatedata(forexample,duetoadatabreachoraccidentaldatadisclosure).Theapproachesbelowenablebothanassessmentofthescaleandimpactfromareleaseofprivatedataaswellastheeffectivenessofavailablemitigations.
• DocuSignhasaformalriskmanagementprogramthat’sISO27001:2013certifiedandincludeslikelihood,impact,qualitativeandquantitativeanalysis,andregulatoryrequirements.
• DocuSign’sCROoverseesthecompany’sGRCprogramthatassessesriskandensuresthatcontrolsapplicabletoabreachareinplace(seeSecurity:Section13).
• DocuSignmaintainsasecurity/riskcouncilasanaccountabilitypointforthereporting,assessing,tracking,andmitigatingofidentifiedrisks(seeSecurity:Section13).
• DocuSignhasanincidentresponsemodelthatincludesimpactassessment,correspondingservicelevelagreements(SLAs)forresponse,andSLAsforresolutionactivities(seeSecurity:Section11).
• DocuSignmaintainsanincidentresponseplaybookthatrequiresproactivemeasurestodetectpotentialincidents,suchasasecuritythreat.ItalsoprescribesDocuSign’sresponsetosuchanincident,includingassessingimpactandrespondingwithintherequiredSLAs,(seeSecurity:Section12).
• DocuSignmaintainsabreachnotificationprogramtonotifyusersafterabreachandotherincidentsarediscovered.DocuSignwillidentifytheindividualswhosepersonalinformationwasaffectedandprovidedescriptionsofthecategoriesofpersonalinformationinvolvedforeachperson,howandwhentheincidentoccurred,howandwhentheincidentwasdiscovered,stepstakentoaddresstheincident,andanystepstakentopreventarecurrence(seeSecurity:Section10).
xDTMWhitePaper
-13-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
ValidityTheDocuSignplatformprovidesanaudittrail,chainofcustody,tamper-evidentseals,andothermeasuresthatprovidecompletetransactiondetailandassurethevalidityoftransactionsexecutedontheplatform.Multiplemethodsofauthenticationareavailabletovalidatetransactionparticipants,andcustomersmaycombineauthenticationmethodsifwarrantedbythesensitivityoftheirdocuments.Finally,thestructureoftheDocuSignworkflowprovidesevidenceofagreementandintenttotransact.
xDTMStandardRequirement HowDocuSignProtectsYourPrivacy1. Transparencyinto
relevanttransactionattributes,suchasmessageorigin,author,content,andtransmissiontime.
TheDocuSignsolutionlogsandprovidesdetailedinformationontransactionsthattakeplaceontheservice.Italsoprovidesdocumentsthatcustomerscanadmitintocourt,aswellasmeasurestopreventatransactionparticipantfromrepudiatingtheirsignature.Theinformation-capturecapabilitiesofDocuSignassure:
• Transparencytocustomersontheprogressoftheirdigitaltransactions
• Afullaudittrail(seeValidity:Section4).
CompleteDetailsoftheDigitalTransaction• Adocumentlistindicatesrecipientsandthestatusforeachdocument,suchas
completed,waitingforothers,voided,ordraft.
• Adocumentdetailareaprovidesinformationoneachrecipient'sactivityinthedocument.Examplesincludedateviewed,whichrecipientshavesigned,orwhichhaveyettocompletethesigningtransaction.
xDTMComplianceDocuSignprovidesthefollowingtransactionvalidationdetails:
• Numberofitemsandpagesforalldocumentsordatainatransaction
• Identityorcontactdetailforthepersonorsystemthatsentthedocumentsordata,aswellastheIPaddress
• Transactionstatusinformation,coveringinitiationthroughin-processandcompletion
• Storageinformationonwherethecompleteddocumentsandfinaldataareheld
• Recipientcontactinformationforeachdocumentordatacomponent
• Informationthatreportstheauthenticationmethodusedandwhetheritwassatisfied
• Contentandconfirmationofdisclosuresagreedtobytherecipient
• Eventandactiontimestampstosupportadetailedaudittrailforthetransactionwithintegrityprotection.
2. Averifiablechainofcustodyforeachcustodianthatincludesdocument/transaction,metadata,andhistory/
TheDocuSignsolutionincludescapabilitiesspanningencryption,logging,anddatasecuritythatsupportthelegalityoftransactionsbymaintainingtheintegrityofdataanddocuments.
• Adigitalaudittrail,knownasacertificateofcompletion,iscreatedforeveryenvelopeandcapturesthesigningparties’names,emailaddresses,
xDTMWhitePaper
-14-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
xDTMStandardRequirement HowDocuSignProtectsYourPrivacyfuturelengthofcontract. authenticationmethod,publicIPaddress,signinglocation(ifprovided),
envelopeaction,andtimestamps.
• In-systemchecksusingadigitalchecksum(mathematicalhashvalue)validatethatthedocumentsinanenvelopehaven’tbeentamperedwithoutsideofeachsigningevent.
• DocumentsexportedfromDocuSignaredigitallysignedforthepurposeofdetectinganyevidenceoftampering.ThetampersealisanX.509publickeyinfrastructure(PKI),standards-based"digitalsignature"issuedbyacertificateauthority.It’sappliedtoadocumentatthetimeofdownloadfromDocuSignandindicateswhetheradocumentwaschangedsinceitwasdownloaded.
3. Appropriatecredentialing,suchascriteriaforcredentials,credentialcreation,anddocumentedtreatmentofco-transactors.
DocuSignprovidescustomerswithmultiplecapabilitiestoauthenticateparticipantstoatransaction.Customersmayalsoauthorizedifferentprivilegesamongtheparticipants.MultipleOptionsforAuthenticatingParticipantsinaTransactionSupportedmethodstoauthenticatesignersinadigitaltransactioninclude:
• Accesscode:therecipiententersacodeprovidedtothemseparatelyfromDocuSigncommunications.
• SMS:therecipiententersacodereceivedasanSMStextmessageataspecifiedphonenumber.
• Phoneauthentication:therecipientanswersaphonecallatanumbersuppliedbytherecipientandprovidesanauthenticationcode.(Note:anadditionalavailableoptionenablestherecordingandgenerationofabiometricvoiceprintasanadditionallayertotheauthenticationprocess).
• Knowledge-basedauthentication:Thismethodrequirestherecipienttoanswerdetailedquestionsaboutthemselvesbasedondataavailableinpublicrecords.
• SocialID:TherecipiententershisorhersocialIDinformation,whichisvalidatedagainstthatservice,toaccessthedocumentsforsigning.SupportedservicesincludeSalesforce.com,Google,Yahoo!,orMicrosoftaccountcredentials,withadditionaloptionsforsocialnetworkcredentialsfromFacebook,Twitter,andLinkedIn.
• RequireaDigitalCertificate:Thesendercanrequirethesignertoapplyadigitalcertificateatthetimeofsigning.Thiscreatesafinaldocumentthathasbeendigitallysigned.
• Two-factorauthentication:DocuSignalsoallowsasendertorequiretwoauthenticationmethodsfromthedocumentsigner.Specifically,accesscodeauthenticationandoneothertypemaybeusedforasinglerecipient.
AbilityforSenderstoSetPrivilegesandPermissionsforCo-TransactorsDocuSignsupportsdifferentrolesforparticipantsinatransaction:
• Participantsmaybesigners.
• Participantsmaybedesignatedasrecipientsorauthorizedforactions,suchasmanageenvelopes,addressrecipients,managerecipients,receiveacopy,oracknowledgereceipt.
• Eachrecipientinaworkflowmaybeassignedindividualizedauthenticationrequirements.
• Enveloperecipientscanbereassignedbythesenderoralsobyaspecific
xDTMWhitePaper
-15-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
xDTMStandardRequirement HowDocuSignProtectsYourPrivacyrecipient.
• Particularsigningordersamongtheparticipantsmaybeenforced.
• InsituationswithmultipledocumentsinaDocuSignenvelope,accessmayalsobecontrolledatthedocumentlevel,whereaparticulardocumentmayonlybeviewedbytheintendedsigner.
4. Clearevidenceofagreement,includingmanifestationofassent,intenttotransact,andattributionandaudittrails.
ClearEvidenceofAgreement• WithDocuSign,thesignermustagreetotheuseofelectronicrecordsand
signaturesinconnectionwiththereviewandsigningofanydocumentandisgivenanelectronicconsentdisclosure(ECD)beforetheycanaccessdocument(s).
• UsersarepromptedbyDocuSigntoadoptasignaturegraphic.Thisgraphicisrelatedexplicitlytotheiridentity,establishestheir“mark”inthetransaction,andisapplieddirectlytothedocumenttoindicatetheirassentatthatlocation.Further,usersmaypersonalizetheirsignaturegraphicbydrawingitwiththeirmouseortouchscreen,selectingfrompredefinedstyles,oruploadinganimagetheyalreadyhave.
• AuditprocesseswithintheDocuSignsystemsecurelycapturealloftheseconsent-relatedactionsbythesigner.ExamplegranularityincludesthedateandtimeoftheECDacceptanceorauniqueidentifieroftheacceptanceevent.
ACompleteAuditTrailDocuSignprovidesdigitalaudittrailsforcustomerstotracksigningandaccesseventsoverthelifetimeofadocument.Theyincludeadocumenthistory,aformalcertificateofcompletioncreateduponsignatureofalldocumentparties,andrecordpermanence,aswellasothercapabilities.Incombination,theseservetoconfirmthevalidityoftransactionsexecutedbytheservice.
• Documenthistory:DocuSigntracksandlogsallaspectsofeachtransaction(name,emailaddress,IPaddress,date/time,authentication,andactivity)andcapturesitallinadetailedtransactionhistorythatisstoredinperpetuityashashedandencrypteddatawithintheDocuSignsystem.Thisdataisavailableondemandfromthesystemandmayalsobeprogrammaticallyexportedinreal-timeastransactionsprogresstoacompletedstate.
• Certificateofcompletion:Oncethetransactioniscomplete,DocuSignissuesacertificateofcompletionthatcontainstransaction-levelinformation,suchastheuniquetransactionID,thesenderandallrecipients,thetimestampofallevents,DocuSignaccountinformation,andtheexecutedconsumerdisclosure.Thecertificateofcompletionhasbeentestedincourtandfoundtobelegallyvalid.
• Recordpermanence:Documentauditlogsarekeptpermanentlyeveniftheunderlyingdocumentisdeliveredandpurgedbytheowningaccount.ThismaintainsDocuSign'sabilitytoproveatransactionindefinitely.
5. Completerecordsmanagement,includinglong-termrecordsmanagementwithproofofintegrity,designateddocumentretentionperiods,and
• AllretainedcustomerdataisstoredatthelevelofsecurityandencryptionprescribedinDocuSign’scustomerdatapolicy(seeSecurity:Section1).
• CustomersmayleavesigneddocumentsintheDocuSignsystemindefinitely.DocuSignwillwarrantthatthedocumentshavebeensecurelystoredandnotaltered.
• DocuSignalsoofferstheDocuSignConnectpublisherservicethatcustomerscan
xDTMWhitePaper
-16-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
xDTMStandardRequirement HowDocuSignProtectsYourPrivacytransferability. useiftheywishtokeepalocalcopybehindtheirfirewall.DocuSignConnectcan
pushsigneddocumentstoacustomerapplicationorpushstatusupdatestoacustomerlistenerapplication.Oncenotified,customerscanretrievesigneddocumentsviatheDocuSignAPI,inlinewiththeirworkflow.
• DocuSignintegrateswithexternalthird-partyvaultsolutions,suchaseOriginal,thatprovidecustomerswithadditionalrecordsmanagementcapabilities.
• Customersmayalsodownloadstoreddocumentsandtransactiondata,whicharesecuredwithanX.509PKI,standards-based"digitalsignature"thatisappliedatthetimeofdownload.
• Thecertificateofcompletionisalsosecuredwithatamper-evidentsealtoensurethatitcan’tbemodifiedafterdownload,justlikethedocument.
6. Anindustry-standardclocktimeconventionfromatrustedthird-partysourceoftime.
DocuSignutilizestheNationalInstituteofStandards&Technology(NIST)atomicclockserviceasasynchronizedtime-serviceprotocoltoensureallsystemshaveacommontimereference.
AvailabilityDocuSignhasmaintainedmorethan99.99%averageavailabilityoverthepast5years.Theserviceisengineeredtoprovide“always-on”availabilityandDocuSigndoesn’tpostorscheduleanyplanneddowntimeformaintenance.
DocuSign’ssystemarchitectureincludesmultiple,simultaneouslyactiveDocuSignsystemsindifferentgeographiclocations,eachsupportingcustomertransactionswhilestayingsynchronizedwitheachother.Thisway,dataforin-processandcompletedtransactionsissavedinmultiplelocations,providinghighavailabilityandasuperiorprotectionagainstdatalossandcorruption.
Figure4:DocuSignSystemStatus(PubliclyavailableintheDocuSignTrustCenter)
xDTMWhitePaper
-17-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
xDTMStandardRequirement Carrier-GradePerformanceandReliability1. Thesolutionoffers
carrier-gradeavailability/systemuptime.
• DocuSignhasmaintainedmorethan99.99%averageavailabilityoverthepastfiveyears
• DocuSignpoststwelvemonthsofuptimedataforitsservice,acrossfourdifferentenvironmentsonitspublicallyavailableTrustCenter
• DocuSignprovidescustomerswithcreditsagainstfees,ifservicelevelsaren’tmet
2. Thesolutioniscontinuouslyavailable–online/offline–withnomaintenancedowntime.
• DocuSignhasazero-maintenancedowntimeservice.Thecompanydoesn’tscheduleofflinemaintenance.
3. Customerdataiscontinuouslyaccessibleforcustomeruse.
• UnderDocuSign'sarchitecture,securereplicationofcustomerdataisperformedatboththedatacenterinuse,aswellasinnearreal-timetogeo-diversedatacenters.DataisreplicatedattheOLTPlevel,andallhistoricalanddocumentdataissynchronizedusingaproprietarydocumentreplicationservice.DocuSignmakeseightperpetualbackupsofBLOBdata;anddatareplicationtakestheplaceoftraditionalbackups.
4. Redundantgeographicallydisperseddatacentersareused.
• DocuSigndataisreplicatedtogeographicallydisperseddatacenters.IntheUS,threeactivesitesarelocatedindifferentgeographicalregions.InEurope,twoactivesitesaremorethan400kmapart.
• Intheeventofafailureinanyoftheactivesystems,alluseractivitymaybeservedbytheremainingcenters
5. Thereiszerodatalossduringcatastrophicevents.
• DocuSign’sinfrastructureisconstructedtodeliverarecoverypointobjectiveoffiveminutesintheeventofasinglesitecatastrophicfailure.
• Insupportofdataprotection,DocuSigndesignsalldeploymentstobefullyredundantandfaulttoleranttoeliminatesinglepointsoffailure.Datatravelsviahalf-gigabitfibertofacilitatetherequireddatareplication(seeAvailability:Section3).
• DocuSignmaintainsadisasterrecoveryplan(DR)tobeimplementedintheeventofadisaster(orprolongedinterruptionofservice)andabusinesscontinuityplan(BCP).Thetableofcontentsoftheplanandthelastannualtestresultsareavailableforinspectionbutforsecurityreasonsaren’tsharedoutsideofDocuSign.
6. Thereisasub-minuteservicerestorationafterdisruption.
• DocuSign’sinfrastructureisconstructedtomeetarecoverytimeobjectiveof15minutes.
• DocuSign‘sarchitecturefeaturessimultaneouslyactiveandredundantsystemsandnear-real-timedatareplication.Additionally,DocuSign’sdatacentersarecommercial-grade,PCIDSScompliant,andSSAE16examinedandtested(seeSecurity:Section5).
• Combined,thisenablesDocuSign’sservicetoconsistentlydemonstratehighavailability(asshowninpubliclyavailablesitestatistics)andbecapableofsurvivingdisruptions,suchasafullsiteoutage.
• Failovercapabilitiesaretestedmonthlyalongwithafull,formalBCP/DRtestconductedannually.Percompanypolicy,thesetestresultsarevalidatedandsignedbystakeholders,includingthechieftechnologyofficer,chiefsecurity
xDTMWhitePaper
-18-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
xDTMStandardRequirement Carrier-GradePerformanceandReliabilityofficer,andchieflegalofficer.
7. Customertransactionsupportisprovided.
ComprehensiveSupportResourcesDocuSignsupportresourcesinclude:
• 24x7livesupport,alongwithfull-timesystemavailabilitymonitoring
• Onlinecasesubmissionandmanagement,withresponseSLAs
• Escalatedtier-twosupport
• Asupportteamthat,onaverage,answerscallsinlessthan10seconds,respondstoemailswithin2businesshours,andhasanaveragefirst-contactcompletionrateofover80percent;andhasaccesstoDocuSignprofessionalservices,acustomer’sassignedstrategicaccountmanager,andDocuSignengineeringteams.
RobustCapabilitiesforIntegrationandCompatibilitySupport• DocuSignprovidesfreedeveloperaccountsintoafull-featuredenvironmentfor
developmentandtesting.Samplecode,SDKs,andcodelibrariesarealsoprovidedattheDocuSignDeveloperCenter.
• DocuSignofferspreviewanddemonstrationenvironmentsforcustomerstovalidatetheirsystemintegrationsandgivefeedbackonnewreleases.
• DocuSignsuppliessupportanddocumentationforout-of-the-boxintegrationstocomplementarysolutionsfromSalesforce,Microsoft,Google,andothers(seeInteroperability:Section1).
SupplementalTrainingResources• DocuSignofferstraining,courses,andcertificationsthroughDocuSign
University,suchasadministratortraining,specializedtrainingforSalesforceusers,trainingforworkflowdevelopers,APIuse,andmore.
• Coursesareavailableonline,in-personatDocuSigntrainingfacilities,oronpremiseatacustomer’ssite.
8. Theorganizationmaintainsatrustcenterfortransparencyintoserviceperformance,availability,certificationstatus,andprivacy.
• DocuSignmaintainsapublic-facingTrustCenterthatprovidescontinuousupdatesonserviceavailability,12monthsofuptimedata,andtechnicalbestpractices.
• TheTrustCenterprovidesstatusconfirmationsthatservicesareavailableandoperatingnormallyandwillcommunicateinformationaboutservicedisruptionsorsecurityalerts.
• TheTrustCenterenablescustomerstoreporttoDocuSignanysecurityconcerns,suspectedfraudulentemail,orsystemissues.
• OntheTrustCenter,DocuSignpubliclyconfirmscompliancewithanumberofsecuritycertifications,including:
o ISO27001:2013o SSAE16,SOC1Type2,SOC2Type2o xDTMStandard,Version1.0o PCIDSS3.1o TRUSTe
xDTMWhitePaper
-19-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
ScalabilityToprovideresilientsystemperformanceduringpeaktrafficinthenearterm,aswellasensurescalabilityforrequiredfuturegrowth,DocuSignundertakesrobustcapacityplanning.Everyday,DocuSignprocessesapproximately30billionpiecesoftelemetrytomonitorandassesstheend-to-endcustomerexperienceasoneofmultipleinputsintoplanningforrequiredscalability.Currently,themulti-tenantstructureensuresthattheDocuSignplatformrunsatlessthan50percentoftotalcapacityandthatnosinglecustomer'sspikeinusageimpingesonothercustomers.
xDTMStandardRequirement HowDocuSignManagesScale1. Thereisaformalprocessin
placetoanticipatefuturebusinessgrowth/needswiththeabilitytoprovideongoingsystemcapacitymonitoring.
• DocuSignmaintainsaformalplanningprocessthatincludesbothreal-timeperformanceindicatorsandlong-termcapacityplanningmechanismstoensureadequatecapacity.
• Systemloadisevaluatedandprojectedviaascheduledprocess,andongoingprojectionsusinggathereddataaremadeforserverload,storageload,databaseload,andnetworkload/bandwidth.Projectionsaretrackedandcomparedwithcurrentloadtoensureaccuracy,andadjustmentsaremadetotheoverallenvironmenttoensureprojectedloadismetorexceeded.
2. Thereisaformallifecyclemanagementinplacewithproactiveimplementationofarchitecturalchangesandhardwarepurchasing.
• DocuSignmaintainsabaselineconfigurationprogramforsoftwareandhardware.Allproductionsystemsareconfiguredaccordingtothesestandardstoensurecapacityrequirements.BenchmarksfromtheCenterforInformationSecurity(CIS)arepartoftheprogram’sverificationprocess.
• Capacityincreasesareachievedbyscalingtheplatformbothverticallyandhorizontally,usingcollecteddataonusagetrendsaswellasprojectionsofcontractualcommitmentsinan18-monthmovingwindow.
• Inaddition,DocuSignhasdevelopedautomatedperformancetestingtoolsthatcreateastaticloadonDocuSignviaboththeAPIandtheuserinterface.Thesystemisloadedandthendynamicevaluationisdonetocompareboththeformalandobservedsystemcharacteristics.
UniversalityWithDocuSign,userscanconductbusinessglobally,useanapporsitebuiltfortheirdeviceorplatformofchoice,andtransactwhilebothconnectedandoffline.
DocuSignoffers13sendinglanguagesand43languagesforsigning,andthesystemiscompatiblewithleadingbrowsersandmobileplatforms.It’salsoavailableasadedicatedapponmultipleplatforms,andofflinecapabilitiesallowuserstocontinuethetransactionprocesswhencarrierserviceisn’tavailable.
xDTMStandardRequirement DocuSignSupportsTransactionsWorldwide1. Thesolutionisavailable
acrossheterogeneouscomputingplatforms.
• TheDocuSignservicerequiresonlyaWebbrowserforsigningandaPDFreadertooptionallyviewdocuments.Noadditionalsoftware,browserplug-ins,extensions,oradd-onsarenecessary.
xDTMWhitePaper
-20-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
xDTMStandardRequirement DocuSignSupportsTransactionsWorldwideAvailableonMultiplePlatforms
• DocuSignisavailabletoover90percentofdesktopandmobileusersintheregionswhereit’sofferedbecauseoftherangeofplatformssupportedbytheservice.
o Desktop:DocuSignsupportsfinalreleaseversionsofInternetExplorer8.0orabove,WindowsEdge,Mozilla®Firefox®3.0orabove(WindowsandMac),Safari™3.0orabove(MacOSonly),andGoogleChrome®5.0(WindowsandMac).Althoughotherbrowsersaren’tofficiallysupported,signingtypicallyworksonanyapplicationthatcanrenderHTML.
o MobileWeb:DocuSignsupportsAppleiOS®6.0andabove,andAndroid™2.3orabove.
o Mobileapplications:DocuSignoffersnativeappsforiOS,Android,andWindows.RespectiverequirementsareAppleiOS®8.0andabove,Android™4.0andabove,Windows8.1andabove,Windows10,andWindowsphone8.1.
• Inaddition,DocuSign’sinterfaceisresponsiveandwillautomaticallyoptimizeitsinterfacetofitthedeviceandformfactoronwhichit’sbeingviewed.
CapabilitiesforWorkingOffline• DocuSign’ssolutionincludesofflinefunctionalityforcontinuedproductivity
whennetworkorcarrierserviceisn’tavailable.
• Whileoffline,documentsenderscantagadocumenttoindicaterequiredsignaturesandselectedrecipients.Onceanetworkconnectionisavailable,thedocumentwillbesentoutforsignature.
• Documentrecipientscansignadocumentwhileoffline,andoncereconnectedtoanetwork,signeddocumentswillbeuploadedtotheDocuSigncloud,routingtoothersignatories,ifrequired,orconfirmingacompletedtransaction.
2. Thesolutionisaccessibleworldwide.
• DocuSignoffersuserstheabilitytosigndocumentsin43localizedlanguages:English(US),Spanish(LatinAmerica),Japanese,German,French,Italian,Spanish(Spain–ModernSort),French(Canada),ChineseSimplified,Portuguese(Brazil),Russian,Turkish,Korean,Portuguese(Portugal),ChineseTraditional,Polish,Romanian,Dutch,Hungarian,Czech,Greek,Swedish,Finnish,Danish,Norwegian,Ukrainian,Serbian-Latin,Bulgarian,Croatian,Slovakian,Lithuanian,Slovenian,Latvian,Estonian,BritishEnglish,Arabic,Hebrew,Farsi,Hindi,BahasaIndonesia,BahasaMelayu,Thai,andVietnamese.
• DocuSignoffers13languagesforglobaluserstosenddocumentsforsignatureintheirnativelanguage:English(U.S.),ChineseSimplified,ChineseTraditional,Dutch,French,German,Italian,Japanese,Korean,Portuguese(Brazil),Portuguese(Portugal),Russian,andSpanish.
• TheDocuSignsolutioncanautomaticallydetectacustomer’sbrowserlanguageandpresentinformationintheappropriatelanguage.Alternatively,atransactioninitiatormayspecifylanguagesettings,oratransactionreceivermayselectfromsupportedlanguages.
• WithDocuSign,usersaren’trequiredtosignupforanaccountbeforesigning.
xDTMWhitePaper
-21-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
InteroperabilityEveryday,theDocuSignplatformservicesover8millionAPIcallsinsupportofover1,000APIintegrations.WithplatformAPIs,amobileSDK,out-of-the-boxintegrationswithleadingsolutionproviders,andarichpartnerecosystem,customerscanintegrateDocuSignwiththeirchoiceofsolutions.
DocuSignexposestheentirecoreplatformfunctionalitythroughitsAPIandincludesprebuiltintegrationswithSalesforce,Microsoft,Google,SAP,andothers.Takentogether,theseintegrationoptionsgivecustomersflexibilityandcontrolacrosstheirorganization,infrastructure,workflow,andtechnologypartners,allowingthemtoscalefromsimpleeSignatureintegrationstocomplexcompany-specificsolutions.
DocuSignalsoacceptsmultipledigital/PKIcertificatesaspartofitssupportfordigitalsignaturesandprovidessolutionsforenterprisestomanagedigitalsigningintheirorganization.DocuSignisalsoacertificateauthorityandissuesdigitalcertificates.
xDTMStandardRequirement DocuSignExposesItsFullPlatformforCompleteIntegrationSupport1. Thesolutionshaspublished
integrationguidelines.DocuSignoffersrobustinteroperabilitycapabilities,includingREST/SOAPAPIs,dedicatedintegrationswithmarket-leadingsolutionproviders,andDocuSign’sConnectservicethatprovidesstatusupdateswithinintegrations.MultipleAPIsandSDKs
• DocuSignoffersbothRESTandSOAPAPIsandexposestheentirecoreDocuSignplatformfunctionalitysothatfeaturesandfunctionalitycanbeintegratedintoanywebsite,app,orembeddedsystemthatmakeshttprequests.
• ExampleworkflowssupportedbytheDocuSignAPIinclude:
o Bringingusersdirectlytospecificviewswithinthetransactionworkflowo Requestinglegallybindingsignaturesonthedocumenttypessupportedby
thesystemo Embeddingthesigningorsendingworkflowintoacustomer’sUIorappo Retrievingform-fielddatao Enablingmultifactorrecipientauthenticationo Simplifyingauthenticationviareuseofexistingcredentialsfromother
authorities(viastandards-basedSSO).
• DocuSignoffersamobileSDKforiOStointegrateDTMandeSignaturefunctionalityintomobileapps.Withit,developerscancreateaDocuSignsendingandsigningexperiencefullynativetotheirapp.
• TheDocuSignDevelopmentCenterincludesadevelopersandboxanddeveloperkeys,aswellasSDKs,codelibraries,samplecode,andotherdeveloperresources.
Out-of-the-BoxIntegrationswithLeadingApplicationsDocuSignhasbusinesspartnershipsandtechnicalintegrationswithleadingenterprisesolutionstoprovidemoreseamlesssigningservicesandenablemorecomplexDTMusecases.Out-of-the-boxintegrationsinclude:
• Salesforce.comincludes“SendwithDocuSign”functionalityfromanySalesforce
xDTMWhitePaper
-22-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
xDTMStandardRequirement DocuSignExposesItsFullPlatformforCompleteIntegrationSupportobjectandintegratesSalesforcecontactdataintoDocuSign,eliminatingrekeyingofdata.
• Microsoft:DocuSignandMicrosofthaveastrategicrelationshipinplaceandhaveworkedtogethertoenableuserstosecurelysend,sign,andtrackdocumentswithinMicrosoftOffice365usingDocuSign.ThepartnershiphassincebeenexpandedtoincludedeeperintegrationofDocuSignwithinMicrosoftDynamicsCRMonline.Inadditiontotheseproducts,DocuSignalsointegrateswithmanyearliereditionsofMicrosoftproducts,includingOutlook,SharePoint,DynamicsCRM,andWindows.
• Google:DocuSignintegrateswithGmailandGoogleDriveandoffersaGoogleChromeextension.Theseintegrationsenableuserstosigndocuments,sendtoothers,andcompleteotherworkflowintegrationsfromwithintheGoogleapplicationstheymayalreadybeusing.DocuSignalsointegrateswithGoogleAppsforWorksuite,enablingadministratorstoinstallDocuSignandprovisionaccountsforallusersinthedomain.
• SAP:IntegrationswithAribaContractManagementandSuccessFactorsRecruitingManagementallowuserstoleverageSAPtechnologyandDocuSign’sDTMplatformintheirworkflow.
• DocuSign’sSolutionShowcaseprovidesdetailson120+integrationswithDocuSign’spartnerecosystem.
DocuSignConnect–StatusUpdatesforIntegrationsDocuSignConnectisapushservicethatsendsreal-timeenvelopeandrecipientdataupdatestocustomerlistenerapplicationsusingHTTPorSOAPmessages.
• TheseupdatesaregeneratedbychangestotheDocuSignenvelopeasitprogressesfromsendingtocompletion.
• DocuSignConnectprovidesorganizationswithacentralizedlocationandareal-timeviewoftransactionsacrosstheiruserbase.Thisinformationmayalsobecustomizedtosupportreportingorworkflowspecifictoacustomerorganization.
2. Thesolutionacceptsmultipledigital/PKIcertificates.
DocuSignenablesDTMsolutionsgloballyandacceptsmultiplecertificatestoalignwithcustomerneedsandregionalrequirements.CertificateAcceptance
• WithDocuSign,customerscanrequireuseofadigitalsignaturetocompleteasigningtransaction.
• TheDocuSignserviceacceptsdigital/PKIcertificatesthatconformtoX.509standards.CertificatesthatconformtoEUDirective1999/93/ECorEuropeanRegulation910/2014(asapplicable)areaccepted.
• DocuSigncurrentlysupportsdigitalcertificatesfromthefollowingrootcertificateauthorities:OpenTrust,DocuSign,andSAFE-BioPharma(approvedforusewithFDA-orEMA-regulatedprocesses).
CertificateIssuance
• DocuSignalsoactsasthecertificateauthoritywithExpressorOpenTrustcertificates(anaccreditedE.U.-baseddigitalsignatureprovidercertifiedagainstkeyETSIeSignaturestandards).Thisprovidescustomerswithanadditional
xDTMWhitePaper
-23-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
xDTMStandardRequirement DocuSignExposesItsFullPlatformforCompleteIntegrationSupportmeanstoobtainPKI-standardandX.509-compliantdigitalsignaturesforanyDocuSigntransaction.
CertificatePolicy• DocuSignmaintainscertificatepoliciescoveringtheirroleasbothacertificate
authority(issuer)andwhichcertificateauthoritiesthey’llacceptcertificatesfromwithinthecontextofdigitalsignatures.
• Thesepoliciesaddress:
o Acceptedthird-partycertificateproviders,includingcriteriaforvalidatinguseridentity
o ThewaysauseratteststotheiridentityinorderforDocuSigntocreateasignatureontheirbehalf
o Operationalandphysicalcontrols(e.g.specifictrustedrolesandfunctions,backup,segregationofduties,revocation,andaudittrails).
SolutionsforEnterpriseDigitalSigning,andtheDocuSignSignatureAppliance• WithDocuSign’sSignatureAppliance,userswithinanenterprisecandigitally
signdocumentsdirectlyfromtheirdocumentauthoringormanagementapplicationorthroughtheDocuSignAppliance(desktop,mobile,orWebinterfaces).
• DocuSign’sSignatureAppliancecanintegratewithacompany’sexistingIDmanagementsystemorusedigitalcertificatesissuedbyacompany’spreferredcertificateAuthority.
• Thiscapabilityenablescompaniestomanagetheircertificatesfromwithintheirowndatacenterandisgearedtohighlyregulatedindustries.TheapplianceiscertifiedfortheCommonCriteriaorganizationandFIPS(FederalInformationProcessingStandard)securitystandards.
PleaseseeFigure.5:DocuSignSignatureAppliance(below)
• DocuSignalsosupportscard/token-baseddigitalsignatureswhererequiredbylaw.Customerssignusingexistingphysicalorsoftware-basedcertificatesintheirpossession,includingsmartcard-basedNationalID’soremployeebadges
xDTMWhitePaper
-24-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
Figure5:DocuSignSignatureAppliance
xDTMStandardRequirement DocuSignExposesItsFullPlatformforCompleteIntegrationSupport3. Datawillmigratetocurrent
standardsovertimetoenableongoingaccessibilityanddocumentlongevity.
RegulatoryCompliance• DocuSigncomplieswithregulatoryrequirementsthatnecessitatedocuments
remainaccessibleinaformthatcanbeaccuratelyreproducedforlaterreference.
AdoptionofNewFileFormats,End-of–Life,andOngoingSupportforOlderFileFormats• Onaperiodicbasis,DocuSignwillassessthefeasibilityofsupportingnew
documentanddataformatsfortheplatform.
• DocuSignwillalsoassesstheviabilityofcontinuingtoacceptolderfileanddataformats,usingcommerciallyavailabledataandinternalbenchmarkstodeterminewhetheraparticularformatisobsolete.Ifnecessary,DocuSignwillcommunicateatimeframewhentheformatwillnolongerbeacceptedbytheplatformfornewdocuments.
• DocuSignwillannouncesuccessorformats,ifrequired.DocuSignwillalsoindicatewhetherdataoragreementsalreadyontheplatformwillmigratetoanewformat(consistentwithupholdingregulatoryrequirementsanditsinternaldeterminationoffeasibility).
AcceptedDataFormats• DocuSignacceptsabroadrangeoffileformatsandprovidessupplementaltools
toensurethatdocumentscanbeacceptedintotheplatformforsetup.
xDTMWhitePaper
-25-
DocuSignConfidential,issuedunderNDAonly.Copyright©2016DocuSign,Inc.Allrightsreserved.DocuSign,theDocuSignlogo,“TheGlobalStandardforDigitalTransactionManagement”aretrademarksorregisteredtrademarksofDocuSign,Inc.intheUnitedStatesand/orothercountries.ForalistofDocuSign’strademarks,pleaseseewww.docusign.com/IP.Allothertrademarksandregisteredtrademarksarethepropertyoftheirrespectiveholders.
Acceptedformatsinclude:
Document .as,.asl,.asp,.doc,.docm,.docx,.dot,.dotm,.dotx,.htm,.html,.pdf,.pdx,.rtf,.txt,.wpd,.wps,.wpt
Drawing .dwg,.dxf,.emz,.svg,.svgz,.vdx,.vsd,.vss,.vstImage .bmp,.cdr,.dcx,.gif,.ico,.jpg,.jpeg,.pct,.pic,.png,.rgb,
.sam,.tga,.tif,.tiff,.wpgPresentation .dps,.dpt,.pot,.potx,.pps,.ppt,.pptm,.pptxSpreadsheet .csv,.et,.ett,.xls,.xlsx,.xlt
• WhileGooglefileformats(Docs,Sheets,andSlides)aren’tsupportedintheir
nativeformat,thesefiletypescanbeuploadedbyconnectingaGoogleDrivecloudstorageaccounttoDocuSign.DocuSign’scloudstorageoptionenablesthesefilestobeaddedtoadocument.
• TheDocuSignPrintDriverisatoolthatallowsauserto“print”hisorherdocumentdirectlyintoanewDocuSignenvelopefromtheapplicationthatcreates/opensit.TheprintdriverappliesaPDFconversionprocesstothedocumentthatmayresolveissueswithloadingcertaindocuments.
• DocuSignalsohassoftwareintegrationswithformprovidersthatallowdocumentstoberouteddirectlytoDocuSign,fullytabbedandreadyforsignature.
4. Limitationsoftheservice’sabilitytosupportvalidtransactionsaredisclosed
DocuSignpublishesaSubscriptionServiceSpecificationonitspublicwebsitethat‘speriodicallyupdatedanddescribestheDocuSignservice,minimumsystemandsoftwarerequirements,enabledsecuritysettings,supportedbrowsers,andmobilerequirements.
ToensuresuccessinDTM,it'scriticalthatDTMprovidersleveragetherightcombinationoftechnology,processes,andpoliciestodeliverasolutionthatrecognizesandaddressesacomprehensiverangeofcustomerneeds.
DocuSign’sxDTMcertificationprovidesaverifiablelevelofassuranceforourcustomers,andwe’repleasedtoprovidedetailandtransparencyregardingthepracticesDocuSignemploystoensurequalityindigitaltransactions.
Wehopeyoufindthisinformationhelpfulinansweringyourquestions.Ifyouneedfurtherinformation,pleasecontactyoursalesrepresentativewithanyadditionalrequests.