Just as fast as new technologies are developing, companies are adopting them. And just as fast as they are adopting them, users are generating copious amounts of data. So now these early adopters must prioritize cracking down on safeguarding against threats and ensuring their data’s integrity and confidentiality.
At Ironclad, it’s not lost on us that companies entrust our platform with some of their most sensitive data – that which lies in their business contracts. While we have some of the largest investments in enterprise-level data security, we know we can provide more. That’s why we’re excited to introduce the Security and Data Pro add-on.
Security and Data Pro Add-On now available
The Security and Data Pro add-on is a set of advanced security and data enhancements designed to provide customers with additional layers of trust, compliance, and intelligence. It features two components: per-tenant encryption, which provides additional data security by encrypting each tenant’s data with a unique security key, and offline API data exports, enabling audit logs of Workflow Activities, and key User Entitlements changes.
Configuration settings
Per-Tenant Encryption
Per Tenant Encryption is a security model that ensures each tenant’s data is encrypted with a unique encryption key. This approach ensures that only the specific tenant can decrypt their data, significantly reducing the risk of unauthorized access and enhancing overall data privacy and protection.
Ironclad, in partnership with Antimatter, has built a Per Tenant Encryption feature as part of the Security and Data Pro add-on. It ensures each tenant’s contracts within their instance are encrypted with a unique key, so Ironclad customers have the option to generate, manage, and control their encryption keys and then use these keys to encrypt data stored or processed by third-party cloud service providers.
At initial launch, there are 3 different encryption management options available for Ironclad customers by way of the Security & Data Pro add-on:
- Key managed by Ironclad / Antimatter (default)
- Bring Your Own Key (BYOK)
- Hold Your Own Key (HYOK)
Root key options
Offline API Data Exports
In addition to advanced data security, we believe our customers deserve more visibility into their data. So as part of this add-on, we have built an offline API data export feature that lets customers get a more holistic picture of what’s happening with their contracting process.
At launch, Ironclad customers can export data in bulk using a Public API endpoint by way of the Security & Data Pro add-on. There are two types of exports available:
- User Entitlements Audit Log API
- Workflow Activity Feed API
Sample entitlements audit log
Use Cases and Benefits
Enhanced Security
Per-tenant encryption ensures that each tenant’s data is securely isolated and encrypted, providing an additional layer of protection against data breaches. This level of security helps organizations maintain the integrity and confidentiality of sensitive information, reducing the risk of unauthorized access.
Improved Compliance and Audit Readiness
With offline API data exports of key user entitlement logs and contract workflow activities, organizations can more easily conduct thorough audits. These features ensure that all user activities and entitlements are transparently documented and accessible, facilitating compliance with several regulatory requirements and simplifying the audit process.
Visibility and Operational Efficiency
The API data export feature also provides additional visibility into your Ironclad instance. It allows organizations to easily extract and analyze data from Ironclad. This data can then be seamlessly integrated into various systems. For example, audit logs can be integrated into Security Information and Event Management (SIEM) tools for advanced tracking and monitoring. The Workflow Activity Feed can be loaded into data warehouse systems or business intelligence platforms for analysis of contracting process metrics, empowering organizations to make more informed business decisions, optimize operations and promote accountability.
What’s Next
At Ironclad, we believe that giving our customers more control and insight over their technology and data is the right thing to do. “This is not a one-time release; it is a new way of doing business, a commitment that we are making to our customers,” according to Ironclad Chief Information Security Officer (CISO), John Fiedler. We can’t wait to continue building further iterations of this offering in the future. Learn more about the new Security and Data Pro add-on here.
Ironclad is not a law firm, and this post does not constitute or contain legal advice. To evaluate the accuracy, sufficiency, or reliability of the ideas and guidance reflected here, or the applicability of these materials to your business, you should consult with a licensed attorney. Use of and access to any of the resources contained within Ironclad’s site do not create an attorney-client relationship between the user and Ironclad.
