Filemail's Trust Center
Overview
Welcome to Filemail’s Trust Center. Here you’ll find a wide range of information about the functions and capabilities we provide to help you comply with regional and sector-specific mandates.
Explore our Trust Center to gain clarity into the framework that governs how we operate, with a strong emphasis on trust, confidentiality, and security.
Real-Time Operational Status
All services are online and operational.
Check out our status at a granular level by visiting our dedicated page.
Be Compliant With The Following Mandates
Our infrastructure enables regulatory compliance. Final compliance outcomes depend on customer use.
Documents Available On Request
BAA For HIPAA
Data Processing Agreement (DPA)
Penetration Test Reports
Security White Paper
Security
Access Controls
- Role-based access control (RBAC)
- Multi-factor authentication (MFA)
- SAML/SSO
Cloud Security
- Dual firewalls
- Anti-virus & malware protection
- Endpoint Detection and Response
Data Center Security
- Physical security
- 24/7 protection
- Constant surveillance
Data Protection
- DPA-Ready
- Template available
- Custom stipulations considered
End Point Security
- Advanced Endpoint Detection and Response (EDR)
- Regular security assessments
- Comprehensive operation security practices
Network Security
- Intrusion Detection and Prevention Systems (IDS/IPS)
- Continuous monitoring
- Proactive mitigation
Patching & Vulnerability
- Regular patching
- Proactive approach
- Automated updates
Threat Detection
- Intrusion Detection and Prevention Systems (IDS/IPS)
- Dual firewalls & anti-virus / malware scanning
- Proactive mitigation & automated blocking
User Security Settings
- End-to-end encryption
- Password protection
- 2 Factor Authentication
Compliance
Facilitating You To Be Compliant With The Following Mandates
Feature To Compliance Map
- National law
- Regional mandates
- Industry-specific regulations
Cyber Essentials (UK)
- Boundary Firewalls
- Secure Configuration
- User Access Control
- Malware Protection
- Patch Management
GPDR (EU)
- Art. 32 – Security of Processing
- Art. 25 – Data Protection by Design / Default
- Arts. 33 - 34 Breach Notification
- Arts. 44 - 50 International Transfers
- Arts. 5 & 30 Accountability & Transparency
FINRA (US)
- Rule 4511 (Books & records)
- Rule 3110 (Supervision)
- Cybersecurity guidance
FISMA (US)
- Systems & Communications Protection
- Audit & Accountability
- Access Control
HIPAA (US)
- Access Control
- Audit Controls
- Integrity
- Authentication
- Transmission Security
NSM ICT (Norway)
- Protect & Maintain
- User Access Control
- Detect
- Respond & Recover
SOX (US)
- Section 302 – Corporate Responsibility for Financial Reports
- Section 404 – Management Assessment of Internal Controls
- Data Retention Rules
US State-Specific
- CCPA / CPRA, VCDPA, CPA
- CTDPA, UCPA, TDPSA
- OCPA, DPDP Act
Policies
Data Breach Notification
- Notified within 72 hours after becoming aware breach
- Incident Response Plan
- Data Protection Impact Assessments
- Privacy by Design
Cookies Policy
- Cookies explained
- Third-party cookies
- Your control over cookies
Data Residency
- Choose your data storage location
- Globally distributed servers
- No third-parties involved
Privacy Policy
- Your rights
- How we collect and use your personal data
- How long we store your information
- Where your data is stored
- Disclosure rules to third parties
Incident Response Plan
- Incident Detection and Classification
- Incident Response Protocols:
- Customer Notification
Terms of Service
- Use license
- Disclaimer
- Limitations
- Revisions and Errors
- Governing Law: Norway
Governance & Risk
Auditable Trails
- Auditable logs
- Immutable Logs
- Access controls
Disaster Recovery Plan
- Redundancy and Data Center Distribution
- Backup Solutions
- Regular Testing of Backup Integrity
Penetration Tests
- Regular Audits and Updates
- Internal & External Audits
- Penetration Testing by third parties
Third-Party Management
- Vendor Selection and Assessment
- Data Processing Agreements (DPA)
- Ongoing Evaluations
- Processor security