World-class security, control & compliance.

CUSTOMIZABLE DOCUMENT PERMISSIONS

Control who can see each document, how they can access it, and for how long.

DISABLE SAVE, PRINT, COPY & SHARE

Advanced digital rights management (DRM) allows you to protect documents and avoid offline leaks by preventing users from saving, printing, or copying documents.

DASHBOARDS & REPORTING

Gain insight by monitoring when each user logs on to the data room, which files they access, and how much time they spend with documents.

INTUITIVE USER MANAGEMENT

Quickly and easily add users, set their access levels, and make sure they can see only the documents you want them to see.

DYNAMIC WATERMARKS

Apply customizable electronic watermarks to all documents, including every sheet in an Excel workbook, so nothing can get misused or misplaced.

LOCK DOWN DOCUMENTS

Only allow users to view documents from a specific IP address and computer.

REVOKE DOCUMENTS REMOTELY

Want something back? Remotely revoke document access in an instant.

DOCUMENT EXPIRE

Set time limits on how long a confidential document is viewable, no matter where it goes.

MULTI-FACTOR PASSWORD AUTHENTICATION

Reduce the risk of password theft by requiring users and administrators to login with two factors, such as a password plus a unique smartphone code.

GDPR

Compliant with the EU General Data Protection Regulation (GDPR) Requirements for Data Processors. Personal Data is stored in Canada. The European Commission has currently determined that Canada is a safe place to store personal data under article 45 of Regulation (EU) 2016/679. No Personal Data is transferred to the US.

Review GDPR

SOC 2

Compliant with Service Organization Controls (SOC) standards for the secure handling of information within a service organization. Specifically, Firmex adheres to SOC 2 trust principles of security and availability, which require that the system is protected against unauthorized access, use, or modification, and is available for operation and use as committed or agreed.

HIPAA

Compliant with the Health Insurance Portability & Accountability Act of 1966, requiring multiple technical, physical, and administrative safeguards. Verified at the highest levels of HIPAA’s privacy, security, & breach notification assessments.

Review Certificate

DISASTER MANAGEMENT

Multiple data centres and disaster scenario plans ensure that data remains unaffected in an emergency situation.

LEADING ENCRYPTION TECHNOLOGY

All documents are encrypted at rest with AES-256. During transit, files use a secure connection and support negotiation up to TLS 1.2 using a prioritized list of ciphers. The Firmex VDR maintains an A+ score on ssllabs.com. All parts of our process are equipped with industry-strength antivirus software.

FIREWALLS & INTRUSION PROTECTION

Your data is protected by a redundant layer of firewalls and intrusion protection systems. These systems are monitored by a security team 24/7 to respond to any detected incoming threat.

PHYSICAL DATA PROTECTION

We use the same data centres as major financial institutions, which are equipped with physical security measures like key card access, fire control, multiple backups, and 24/7 CCTV monitoring.

VULNERABILITY MANAGEMENT

Automated scans detect and alert if newly discovered vulnerabilities are detected so they can be remediated. Annual penetration testing is performed by an independent 3rd party as an audit to our internal secure development practices.

ONGOING RISK ASSESSMENT

We stay aware of new threats and adapt our security measures before they can affect your data.