Our customers place trust in PageFreezer to secure data. Our application, platform, and organizational security is designed around the idea that no one should ever gain unauthorized access to electronic records.
Application, Platform, and Organizational Security
Since PageFreezer archives records across websites, social media accounts, mobile text messages, and enterprise collaboration platforms, the data is often valuable and sensitive. We want to do everything we can to help customers have secure archives. With this in mind, we offer a host of features to empower our customers with complete control over how archived data is accessed.
PageFreezer’s application, platform, and organizational security consist of the following:
PageFreezer’s management system is ISO 27001:2013 certified, meaning that we consistently meet the security goals outlined in ISO 27001. This includes limiting data access only to those who are authorized, protecting data integrity by preventing unauthorized alteration, and offering customers reliable access to the data that they need. In addition to PageFreezer’s ISO 27001:2013 certification, the data centers that we use are SOC 1, SOC 2, and ISO certified.
2FA can be deployed to require users to authenticate with a second factor when logging into the PageFreezer platform. When activating 2FA, administrators can choose between a security code sent via email or verification through a third-party app such as Google Authenticator.
IP whitelisting allows platform administrators to limit access to specific IP addresses (or an IP range). This is useful in a scenario where an organization wants to ensure that employees can only access records from company premises.
To curb the sharing of credentials in the workplace and reduce the attack surface for a potential breach, platform administrators can control the number of concurrent logins for each user. For instance, should a second user log in with credentials already in use, the system will remove the original user from the platform.
PageFreezer automatically enforces strong password policies for all accounts, but platform administrators can also set password policies that align specifically with an organization’s internal security requirements.
To ensure that organizations have control over who exactly has access to what electronic records, PageFreezer offers advanced user, group, and role management that makes the appropriate provisioning of users simple and easy. The archive activities of all users are also logged to easily monitor actions.
In order to reduce the risks that sensitive data is exposed to, PageFreezer encrypts data both in transit and at rest.
PageFreezer stamps each archived page with an RFC 3136 compliant Time Stamp Authority (TSA) synchronized with the atomic clocks of a Stratum-1 Time Server. This non-refutable time cannot be altered without detection. Each archived page also boasts a SHA-256 digital signature, ensuring data integrity and authenticity.
Audit logs give platform administrators detailed insight into all activities on the system, including what exactly was done, who did it, and when this activity took place.
Disaster Recovery support is offered through data backup with fail-over, as well as the ability to recover content within 30 days of deletion.
PageFreezer makes use of Data Centers that are SOC 1 and SOC 2 Certified.
PageFreezer’s management system is ISO 27001:2013 certified.