Data Security That Checks All the Boxes and Then Some

We focus on security and certifications so you don't have to.

Hanzo security professionals keep our systems and policies updated to standards that Fortune 500 enterprises trust every day. To match what the Hanzo team does you'd have to have an internal dedicated team larger than some small businesses.

SOC2 Type 2 Certified

Hanzo received its SOC2 Type 2 certification in October 2019 following a thorough audit. This certification demonstrates that the company has extensive controls in place to protect against unauthorized access (both physical and logical). Our SOC2 report is prepared by an Independent Certified Public Accounting agency that audits security principles and practices formed under the AICPA. The SOC2 report is available under NDA upon request.

Trusted Approach

Hanzo’s enterprise ediscovery and compliance solutions are developed with industry best practices, legal-defensibility and security in mind. Companies trust and adopt our software into their enterprise ecosystems because Hanzo demonstrates its commitment to security across three critical security domains: company, application, and hosting provider.

Secure Architecture

From the application development process, to data retention, to encryption, authentication and authorization, Hanzo’s applications are designed to be secure. All customer information is encrypted when transmitted to and from Hanzo’s applications and a customer’s web browser via HTTPS (data-in-transit). All customer information retained on Hanzo’s storage systems is encrypted using unique 256-bit encryption keys with strict access control (data-at-rest).

Access Controls & Authentication

Hanzo encourages all customers to use single sign-on (SSO) to ensure a secure authentication and user identification process. SSO allows your existing account provisioning and de-provisioning, and robust password controls.

Privacy Compliance

Hanzo respects the privacy and confidentiality of all customer data, and strictly adheres to GDPR practices and protocols. We comply with the EU Global Data Protection Regulation, as well as US domestic privacy regulations such as the California Consumer Privacy Act (CCPA) of 2018. For more specifics, visit the Hanzo privacy policy.

Data Retention

Hanzo Dynamic Capture retains customer data per the instructions of our customers, with no automatic disposition or destruction of data. Customers can direct us to return and/or dispose of their data pursuant to their instructions. Hanzo Hold retains data as long as it is subject to a legal hold or compliance obligation. Once the hold or compliance obligation is removed, data that is no longer subject to a hold will be deleted automatically and an audit record will remain to document the process.

Helpful Resources To Support Your Corporate Ediscovery Team

IT Buyers Guide for Archiving & Ediscovery Software

Hanzo’s IT Buyer’s Guide provides an in-depth overview of our security policies and practices, and is intended to address the IT professional’s most common considerations surrounding bringing new software into the enterprise such as security, privacy, and other data considerations.

Ediscovery-101-For-Collaboration-Article8--SOCIAL-CARDS

Ediscovery 101 For Collaboration: Using Slack’s corporate export versus the discovery API?

What are the differences between the Slack corporate export and Slack Discovery API? Read this article to learn more.

The CCPA is Live for Enforcement. Is Your Website in Compliance?

The California Consumer Privacy Act (CCPA)—the most comprehensive personal data privacy legislation anywhere in the United States so far. Is your website in compliance?

Ready to See Hanzo in Action?

Contact us for a demo and see why some of the most recognizable brands in the world trust Hanzo to manage the challenges of modern enterprise ediscovery and compliance today.