Physical and Logical Security

Ultria maintains 24x7x365 onsite security with physical  access control that complies with industry-recognized  standards, such as SOC 1, SOC 2, and ISO 27001.

We use world-class security software and hardware to  protect the physical integrity of UltriaSign and associated  computer systems and networks that process customer  data through a global two-factor authentication process.

This production environment is protected by industry-  leading network management systems, anti-virus  software, and malware detectors that automatically  generate alerts to Ultria’s security team.

Security Vulnerability Testing

The  UltriaSign product development  lifecycle includes secure coding  practices in accordance with  OWASP. Rigorous code reviews  are designed to pinpoint security  weaknesses. We perform internal  and external vulnerability scans  and penetration tests against the UltriaSign production environment.

Operational and Security Monitoring

UltriaSign is constantly  monitored from both an operational  and a security perspective. Intrusion  prevention and detection events are logged, and tailored alerts are  sent to our operations and  security teams to ensure that  UltriaSign can be used by those authorized to access it from any location.

Storage, Encryption and Destruction

Ultria understands the need to protect your data and follows industry best practices including:

  • Logically separating individual customer data
  • Encrypt customer data—all data access and transfer activities use HTTPS and other secure protocols, such as SSL, SSH, IPsec, and SFTP
  • Encrypt all documents with AES 256-bit encryption or equivalent FIPS-approved methods
  • Provide non-repudiation for all documents generated and signed using UltriaSign  Maintain data disposal, equipment re-usem and secure media disposal policies for managing data assets

Ultria Infrastucture

  • Geo-dispersed, ISO 27001-certified, and SOC-audited  datacenters, located across multiple geographic regions
  • Near real-time secure data replication and encrypted archival
  • 24x7x365 onsite security with physical access control
  • Annual Disaster Recovery (DR) and Business Continuity  Planning (BCP) testing
  • Best in Class commercial-grade firewalls, border routers, and network management systems

Application Resilience

UltriaSign applications are hardened for security and  Ultria adheres to industry Best Practices such as:

  • Formal code reviews and vulnerability mitigation
  • Application-level Advanced Encryption Standard (AES) 256-bit encryption
  • Key management and encryption program
  • Malware protection
  • Digital audit trail that provides non-repudiation for all documents generated and signed using UltriaSign
  • Configurable security features
  • Multi-factor authentication provides an additional level of assurance that only those authorized to access Ultria products and associated documents can access them
  • Role-based authorization for all business transactions types enables you  to designate access to specific individuals

Network Operations

Ultria understands the need to protect your  data and follows industry best practices including:

  • Physically and logically separate networks
  • Centralized, logical access management system
  • Two-factor authentication, encrypted VPN access
  • Denial of Service (DDoS) mitigation
  • Active intrusion detection and prevention
  • Anti-malware software integration that automatically alerts Ultria’s incident  response team if potentially harmful code is detected
  • Third-party penetration testing

See UltriaSign in Action

Focus on what matters to you

Request Demo