Enterprise-Grade Security to Protect Your Data

security overview

Protecting client data is a top priority at Catalyst. In over 18 years of operation, we have hosted thousands of matters and Terabytes of data on behalf of some of the largest companies and law firms in the world—without a single security compromise or incident.

We employ strict security standards and multiple layers of physical, network, application and user-level security that safeguard our clients’ sensitive and confidential information.

Security Highlights

SOC 2 Compliant

Catalyst follows a SOC 2 security framework and works closely with Coalfire Systems, Inc. and BlueLava Consulting, LLC. for security consulting, SOC 2 auditing and periodic (at least annual) penetration and application security testing.

Data Center Operations and Security

Our technology is physically located at five secure colocation facilities—three in the U.S. and two in Japan. All of our colocation facilities are Tier 3 or higher data centers guaranteeing at least 99.982% availability. All are SOC 2-3 compliant as well as SSAE 16, ISAE 3402 Type II or SAS 70 Type II certified along with NIST 800- 53 compliant.

Third-Party Security Audits

Our security has been inspected and approved by security teams from major insurance and banking companies and by the U.S. Department of Justice. We engage independent third parties on a regular basis, including Coalfire Systems, to conduct information security audits, including penetration testing, vulnerability and application examinations.

Application Security

Our first line of defense is limiting the protocols through which clients can connect with our systems and infrastructure. For example, Catalyst’s applications allow access through our firewall (HTTPS), and application servers for those products will only respond to an SSL-encrypted HTTP call. Documents can only be accessed from our dedicated object storage network through an “auth ticket,” which provides unique, time-limited credentials to access the document but nothing beyond.

We provide optional two-factor security for clients seeking an additional authentication layer provided over text or cell service.

Privacy Shield

As a registered participant, we are committed to handling data coming from EU countries in accordance with the Privacy Shield Framework. Catalyst is registered with the International Trade Administration (ITA) within the U.S. Department of Commerce.

Download a detailed report on our data, systems and application security




Phone: 303.824.0900 | Toll Free: 877.557.4273
Fax: 303.293.9073

Privacy Policy | Privacy Shield

About Catalyst

Catalyst designs, builds, hosts and supports the world’s fastest and most powerful e-discovery platform. For 20 years, Catalyst has helped global corporations reduce the total cost of discovery and take control of complex, large-scale discovery and regulatory compliance.

Copyright © 2018 Catalyst Repository Systems. All Rights Reserved.