About Clearance information security

2019-11-06Last updated

All data and files imported in Clearance are encrypted, and all communication with the platform is secure. These encryption and security measures ensure that sensitive data, files, and communications are only seen by users with the appropriate access.

Storage encryption

All data and files imported in Clearance are automatically encrypted using AES-256 with symmetric keys that are dynamically generated, ensuring that each file has a unique key. The Advanced Encryption Standard (AES) key is encrypted with a public key that can only be validated by users who have access to the files.

Communications encryption

All communication with the platform is secured using the Hypertext Transfer Protocol Secure (HTTPS) and Transport Layer Security (TLS) certificates signed by trusted certificate authorities such as Digicert. Clients validate the identity of the servers by using symmetric keys with TLS.

Protecting data integrity

All data imported in Clearance is validated with a digital signature. Digital signatures are based on a 512-bit Secure Hash Algorithm 2 (SHA-2) and are encrypted using an asymmetric private key to protect data integrity and restrict access to users with a valid public key. The system stores all original files without modifications.

User authentication

Clearance supports Windows Active Directory (AD) by using Microsoft Active Directory Federation Services or any system supporting the OpenID Connect standard. The authentication system is based on a passive authentication model with OAuth 2.0 and OpenID Connect.

Using an identity server (AD or others) means that you can connect directly to the authentication page for your organization. By using these authentication standards, the administrator can define how users are authenticated: password, tokens, biometric, or a combination of several of these techniques.

Clearance can use AD for user and password management, this means that organizations can enforce password rules and expiration requirements, multi-factor authentication, the number of failed log in attempts before deactivating a user credential, and so on.

Audit trails

All actions that are performed on cases and uploaded files are logged in the Clearance audit trail reports. These audit trail reports include detailed information about the following: the user, the activity type, the date of addition, change, removal of cases or files, and IP address accessed when the action occurred. System administrators can review audit logs of files, including when they have been created, imported, exported, shared, edited, redacted, and so on. Logs are also kept to provide details about when videos are viewed and by who.