Enterprise-Class Security for Your Hosted Data
Security is a top priority at Catalyst. In our 15 years in operation, we have hosted thousands of matters on behalf of some of the largest companies and law firms in the world without a single security compromise or incident.
24/7 Data Center Monitoring and Security
Our servers are securely housed at four colocation facilities—three in the United States and one in Japan. All are Tier 3 or higher guaranteeing at least 99.982% availability. All are SOC 1/SSAE 16/ISAE 3402 Type II or SAS 70 Type II certified, with 24/7 security, N+1 uninterruptible power, multiple load-balanced HVAC systems, and fire detection and suppression systems. We monitor our systems and infrastructure 24/7.
All of our U.S. facilities are interconnected via private redundant gigabit Ethernet connections. High availability is achieved through redundancy for all network devices and server nodes. Our Japan data center is connected by an Internet Protocol Security (IPsec) tunnel across the Internet to our U.S. facilities
All of our U.S. facilities are interconnected via private redundant gigabit Ethernet connections. High availability is achieved through redundancy for all network devices and server nodes. Our Japan data center is connected by an Internet Protocol Security (IPsec) tunnel across the Internet to our U.S. facilities.
Connections with our application servers are limited and will respond only to SSL-encrypted HTTP calls. Our SSL certificates are signed by a publically recognized certificate authority and are signed with a minimum 1024-bit encryption.
Two-factor provides a second level of secure authentication prior to logging in. Users can use their mobile devices as a secondary source of authentication, improving security and simplifying the user experience. This ensures that, even if a password is compromised, the account will remains secure.
Secure Data Delivery
For delivering data to Catalyst in bulk, clients can choose from a number of secure delivery methods.
Restricted Data Access
Only Catalyst employees have access to client data and that access is on a need-to-know basis. Many of our key employees have been with us for well over a decade and many of our "newcomers" have been with us for at least five years.
Employee and Contractor Security
All Catalyst employees and contractors are required to accept and sign a non-disclosure and confidentiality agreement when they are hired. If an employee or contractor is found to have violated the agreement, we take appropriate disciplinary measures, up to and including dismissal.
Third-Party Security Audits and Certifications
Our security has been inspected and approved by security teams from major insurance and banking companies and by the U.S. Department of Justice for use in a major terrorist trial. A rigorous IT security and risk assessment by an independent consulting firm recently concluded that our Catalyst Insight is free from any security vulnerabilities.
For a detailed report on our data, systems and application security, click here.