Guard
Asset 1@2x@2x

Contract Security with Malbek

Contracts contain the most sensitive, private, and mission-critical information about an organization. As a provider of modern contract management solutions, Malbek is committed to making sure your contracts are both readily available for your use and fully secure from those who shouldn’t have access.

 

bek1
Asset 6@2x

What is contract security?

Contract security is an essential element right in the heart of the architecture of a CLM solution that keeps your most sensitive contract data from prying eyes. The most effective contract security makes it possible to set permission levels at individual business units level and down to individual users to protect sensitive information. And with robust data encryption in a highly secured cloud environment, you can achieve the level of protection that your contracts need.
Asset 2@2x
Asset 2@2x

The Cloud Secured

The Malbek platform began life with cloud technology in its DNA. Using the latest cloud-ready, secure technology stack, it employs static code analysis tools to detect vulnerabilities and periodic, third-party dynamic vulnerability scans to secure our production environment.

Asset 10@2x
Asset 10@2x

Data Separation

While the Malbek platform is multi-tenant, your data is never co-mingled with other customers’ data. It is clearly separated by distinct data stores to provide data isolation.
Group 738@2x
Asset 9@2x

Authentication Integration

The Malbek platform supports authentication integration via industry standard SAML 2.0. This allows you to manage your own user access, integrating with your corporate authentication as a single sign-on (SSO). This method ensures that you can access connected systems using the same username and password, adhering to your corporate password policy.

Asset 5@2x
Asset 5@2x

Infrastructure with Amazon Web Services

The Malbek platform uses Amazon Web Services (AWS), which provides hardened, highly-available Tier IV data centers to ensure server isolation via the virtual private cloud (VPC) and AES-256 data at rest encryption. Additionally, Malbek employs internal and external network penetration testing and vulnerability scanning to ensure that threats are promptly detected and remediated.

Asset 11@2x
Asset 11@2x

Application Security

Contract documents generated by the Malbek platform are protected when they are at rest or in transit. In addition, Malbek provides configurability to our customers to be able to mark certain portions of data as sensitive to handle it with an additional layer of security.

Asset 7@2x
Asset 7@2x

Authorization Framework

Malbek’s robust security models make it easy to configure user access, provide actions, and orchestrate processes to fit specific needs. Access controls can be division or role-based as well as instanced-based for even deeper granularity and protection of contracts, contract templates, and master data.

Group 765@2x
Group 765@2x

GDPR Compliance

GDPR compliance requires a partnership between Malbek and you, our customer, in the use of our products and services. Malbek provides configurability to add additional layers of security for portions of data that is considered PII sensitive. Malbek complies with GDPR in the delivery of our service to you by revising policies and processes related to the treatment of EU Personal Data for our customers, partners, contractors, and employees.

Asset 3@2x-1
Asset 3@2x-1

SOC 2 TYPE II CERTIFICATION

The Malbek processes and systems are designed to keep our customers’ sensitive data secure. Malbek is SOC 2 Type II certified.