![smartcert_logo_inverted_rgb 2.png]](https://kb.smartcert.tech/hs-fs/hubfs/smartcert_logo_inverted_rgb%202.png?height=40&name=smartcert_logo_inverted_rgb%202.png){kind=logo}
Security FAQs
Quick guide to Security FAQs
Security FAQs
High Availability
The SmartCert Network is hosted on Microsoft’s Azure infrastructure. All components are distributed globally and users are routed based on the lowest latency for their location. This redirected hosting has no impact on the storage location of metadata or documents within the network and is strictly in support of an improved user experience. In the event of a regional outage, users will be redirected to next lowest latency region. The SmartCert Network has maintained a scheduled 99.9% uptime since its inception.
Document Storage
All files in the SmartCert Network are stored in geo-redundant, high-availability, private storage containers using Microsoft’s Azure Storage system. All documents associated with SmartCert metadata can only be accessed when viewing a SmartCert and never directly as a document. When viewing documents on the SmartCert network, a delegated and temporary SAS signature is leveraged each time a SmartCert is requested. This signature is only valid for 24 hours at which point accessing the document must be re-initiated from the SmartCert. Versioning is kept for all documents in the event of a modification.
This compliance ensures users have the data they need, when they need it, without exposing sensitive information to the outside world. By restricting access to documents explicitly through SmartCert, it is guaranteed that only users which have access to the SmartCert have access to the associated metadata and documents.
In the event that physical document storage must be located in a specific region, the SmartCert network can support any region globally. We can also support private storage external to the SmartCert network. Please speak with the SmartCert Sales Team if this is a requirement.
SmartCert Access
All access to SmartCert information is controlled by two factors. All SmartCerts are 100% restricted to the original creating party unless they are specifically released according to the below rules and restrictions.
Creator:
When a SmartCert is created, it is assigned to the Location(s) of the user who created the SmartCert. If a user belongs to multiple locations than creator level access is granted to all locations unless the user specifies a specific location during the creation process using the “Sales Location” field. This means only individuals within the organization or company and same location can see or edit that SmartCert. Once a user is added as a member of a Location, they are instantly granted access to all SmartCerts for that location, including those created prior to their joining.
In addition to the visibility restrictions around SmartCert creation, the actual creation or modification privileges for SmartCerts also require the “Writer” access control. This privilege can be granted by administrators of the organization from the User Settings section.
Receiver:
-
In order to have a received view of a SmartCert one of the following must be true.
-
The SmartCert was shared to your specific user account
-
The SmartCert was shared to a location for which you are a member
-
You were granted access to the public SmartCert link by the creating party for that SmartCert.
Note: There are both public and private links to a SmartCert, as the public link is optional. If you attempt to use the private link as a receiver, the SmartCert will not be visible.
You were granted access to the public SmartCert QR Code and you have scanned that QR code.
Once you have a received a SmartCert it will be accessible in perpetuity. While the original creator can amend the SmartCert to provide you with additional information, they can never remove access to that SmartCert. Receivers of a SmartCert are never allowed to edit that SmartCert, their access is permanently restricted to read-only access. Receivers can make a copy of a SmartCert to adjust the cert package and metadata for their use.
User/Company Accounts
The SmartCert Network maintains compliance with all standard privacy and security regulations as per GDPR. All personal information related to user and company accounts is stored separately from the “profile” associated with the SmartCert network. The SmartCert team will never have access to private user information and we will never ask for your password or private information during any support engagement. As per our privacy policy and terms and conditions, SmartCert will never sell or otherwise distribute personal information of its users.
The SmartCert Network also supports SSO via Microsoft AD and Google, allowing users to leverage their standard work accounts for accessing the SmartCert Network.
However, because the SmartCert Network is specifically designed for organization-to-organization and user-to-user interaction, we do allow other users to search the Network so they can find the companies, locations, and users with whom they are attempting to receive or share a SmartCert. The information they can see during a search is restricted and does not include personal information.