All systems are operational.
eSignLive by VASCO is a leading e-signature solution that is trusted by some of the most security-conscious organizations in the world, including the United States Joint Chiefs of Staff, the US Army, 12 of the top 20 banks and 8 of the top 15 insurance companies in North America.
Our customers rely on eSignLive to run their businesses and keep mission-critical processes moving forward. As a result, we continually strive to offer 100% uptime.This may take a few seconds as we are gathering system data in real-time. Thank you for your patience.
DATA CENTER CERTIFICATIONS & SAFEGUARDS
eSignLive is hosted in multiple data centers across the globe for high availability. We’ve partnered with the market leaders in cloud infrastructure services – Amazon Web Services (AWS), IBM SoftLayer, and Microsoft Azure – that operate, manage and control all of eSignLive’s hosting components. This includes the host operating system and virtualization layer to the physical security of the facilities in which the services operate. Our cloud infrastructure providers are designed and managed according to security best practices, and a variety of regulatory, industry and IT standards for security and data protection, including:
By leveraging the global data center networks of our technology partners, we can quickly deploy new instances of eSignLive virtually anywhere in the world. This not only helps fulfill the needs of organizations that require transparency into where data resides, but also enables customers to quickly scale up and expand operations globally.
ESIGNLIVE COMPLIANCE AUDITS & CERTIFICATIONS
eSignLive meets the security control and compliance requirements set forth by third-party evaluators for its e-signature application:
- The Service Organization Control (SOC) 2 attestation is among the highest standards for cloud security and data protection. eSignLive has successfully completed the SOC 2 security audit and is protected against unauthorized access, use and modification. Download a summary of the auditor’s report (version 10.13 and 11.0).
- In 2016, eSignLive became the first e-signature solution granted the Authority to Operate (ATO) under FedRAMP. Our proven FedRAMP-authorized solution, hosted by our partner Project Hosts, meets the highest cloud security requirements and is in use by government organizations at all levels. Learn more about eSignLive and FedRAMP.
- For the U.S. healthcare industry, eSignLive is in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
- eSignLive is “Skyhigh Enterprise-Ready” and fully satisfies the most stringent requirements for data protection, ID verification, security, business practices, & legal protection.
GENERAL DATA PROTECTION REGULATION (GDPR)
On May 25, 2018, a new landmark privacy law called the General Data Protection Regulation (“GDPR”) takes effect in the European Union (EU). The GDPR expands the privacy rights granted to EU individuals and places many new obligations on organizations that market to, track or manage EU personal data, regardless of where the organization is located. The GDPR emphasizes increased transparency and choice for individuals, while requiring organizations that process personal data to be responsible for it.
Security and trust are at the heart of eSignLive’s business. Together with our parent company, VASCO Data Security (NASDAQ: VSDI), we have more than 20 years of experience delivering e-signature and authentication solutions to some of the most security-conscious organizations around the world. We welcome the GDPR as an important step forward in streamlining data protection requirements across the EU. The eSignLive team has analyzed the requirements and we will comply with the GDPR in the delivery of our e-signature solution to our customers and partners.
In recent years, we have consistently reinforced our commitment to data security and privacy through our actions:
• In 2016, we became the first e-signature solution granted the Authority to Operate (ATO) under the U.S. Government’s FedRAMP.
Moreover, our e-signature service has always been designed to meet data localization requirements by using a deployment model where the system used to process customer data is self-contained within the target region. Data is captured, processed and stored within the system boundary in the target region, and there is no interconnection between the environments that would result in customer documents being transferred over to a different geographic area.
We are committed to our customers’ and partners’ success, including compliance with the GDPR by May 25, 2018.
At eSignLive, we take a broad view of e-signature security. Beyond simply showing security certifications, we focus on all of the following top e-signature security requirements:
- Document and signature security
- Protecting e-signatures and e-signed records from tampering
- Transaction security
- Evidence reliability
To learn more about e-signature security, read or watch the following resources:
- The Ultimate E-Signature Security Checklist (Blog Post)
- Security for E-Signatures and E-Transactions (White Paper)
- Why Data Residency Matters to Digital Business (Blog Post)
- Are You Able to Prove Compliance to External Auditors? (Blog Post)
- SOC 2 vs. The Other Guys (Blog Post)
- Who’s Keeping Your E-Signature Provider Honest? (Blog Post)
- Top E-Signature Security Requirements (Webcast)
- Protecting Customer Data in the Cloud (Blog Post)
11.7 will be deployed to the following environments:
- US FEDRAMP SBX: revised date TBD
- US FEDRAMP PROD: revised date TBD
11.8 will be deployed to the following environments (no downtime):
- US PRV: Oct. 20
- US SBX: Oct. 30
- CAD SBX: Oct. 30
- AU PRD: Nov. 6
- EU PRD: Nov. 7
- CAD PRD: Nov. 8
- US PRD: Nov. 9
TLS 1.0 disablement notice for customers integrated with eSignLive (cloud) via the API/SDKs.
System Notices Archive