How SignDex Keeps Your Document Secure

Overview

At SignDex, we understand that the documents you sign and share contain sensitive, critical information. We are committed to providing a secure environment that protects your data from the moment you upload a file to the final signature and long-term storage. SignDex is designed from the ground up with multiple layers of enterprise-grade security mechanisms. This article outlines the core security features used within the platform to maintain the confidentiality, integrity, and availability of your documents.

Key Security Features

1. Advanced Data Encryption

Encryption acts as a highly secure lock, ensuring that your data is unreadable to anyone who does not have the proper authorization key. SignDex uses state-of-the-art encryption to protect your data across two primary stages:

• In Transit: Whenever data is moving such as when you upload a document from your computer or when a signer opens a link, it is encrypted using secure, industry-standard protocols (e.g., HTTPS/TLS). This creates a secure tunnel that prevents malicious actors from intercepting or tampering with your documents over the internet.
• At Rest: When your documents and sensitive user data are stored on our servers, they are heavily encrypted. Even in the highly unlikely event of a physical or digital breach of our storage facilities, your files remain completely unreadable without the specific decryption keys.

2. Comprehensive Audit Logs

To guarantee the legal validity and traceability of your workflows, SignDex maintains an automated, detailed, and tamper-evident audit trail for all document-related activities. The system logs critical milestones, including:

• Document Creation: When a file is uploaded and by whom.
• Workflow Actions: When documents are sent, shared, or forwarded.
• User Interactions: Exactly when a recipient opens, views, and signs a document.
• Finalization: Official completion timestamps for the fully executed document.

Each recorded action captures vital metadata, such as the user’s verified identity, IP address, and an exact timestamp.

• Purpose: These audit logs provide total transparency and traceability. They are crucial for supporting internal compliance audits, meeting legal e-signature requirements, and resolving any potential disputes regarding when or if a document was signed.

3. Granular Access Controls

SignDex implements strict role-based and document-level access controls. We ensure that only explicitly authorized users can view, edit, or interact with your workflows:

• User Roles: Workspace permissions are carefully assigned based on roles. For example, Admins have full control over billing and workspace settings, Members can create and send documents, and Signers can only interact with the specific documents sent to them.
• Document Permissions: Document owners can restrict access to specific individuals, ensuring that sensitive contracts do not fall into the wrong hands within a shared organization.
• Sequential Signing Controls: To maintain the integrity of complex workflows, SignDex enforces strict signing orders. If a document requires sequential signatures, the system locks out subsequent signers until the current person in the queue has completed their required actions.

Expected Result

By leveraging these robust security protocols, any documents stored, processed, or signed within SignDex remain entirely secure, legally traceable, and accessible strictly to authorized participants.

User Best Practices

While SignDex secures your data on our end, maintaining absolute security is a shared responsibility. We highly recommend adopting the following best practices to protect your account:

• Use Strong, Unique Passwords: Create passwords that are long, complex, and not used across any other platforms. Consider using a reputable password manager.
• Protect Your Credentials: Never share your login information or your unique signing links with anyone, including colleagues or IT staff.
• Audit Your Workspace: Regularly review who has access to your organization’s workspace and revoke access for former employees or users who no longer need it.
• Secure Your Devices: Always log out of SignDex when using shared or public computers, and ensure your personal devices are protected with screen locks and updated antivirus software.