E-Sign’s priority is to make your experience safe and secure. We ensure you have the information you need to feel comfortable transacting business online. We are the only electronic signature provider authorised on the UK Governments secure Public Service Network
At eSign, security and privacy are at the heart of everything we do. With both the latest cyber and physical security measures in place, you can be sure your data and network are protected with eSign.
Operating from UK-based, ISO 27001-certified data centres, our state-of-the-art servers are protected with commercial-grade firewalls, border routers, and network management systems, as well as 24-hour on-site security and strict physical access controls.
Compliant with industry- recognised standards, you can rest assured that our security system will protect your data from loss, damage and cyberthreats.
Our IT security team monitors the E-Sign network, providing assurances for all staff to focus their efforts on other objectives. We have implemented the latest security tools throughout our systems, which focus on any particularly high-value or high-risk integrations and touchpoints.
Our access control and compliance policy ensures your data is never compromised. At E-Sign, we leave nothing to chance; we’re constantly testing and improving our security system for the ultimate protection.
E-Sign’s trust and reputation are key, and as such, we take security incidents very seriously. Customer reporting of security threats and suspicious activity is especially effective, and you are an essential information security asset. Once we receive this information, we can assess and continue to produce the highest level of security protection, protecting you and ourselves against cybercrime.
One of the top priorities for many businesses is third party vendor risk management, which is completely understandable. So, what are the critical elements we need to consider from a third-party risk perspective? Classification and compliance would be considered front of the queue.
Depending on the industry in which an organisation operates as well as the relevant legal and regulatory requirements, different organisations have different appetites for risk security. We at E-Sign are aware of this. Because of this, security is a top priority in the research, design, and development of all of our products, and they are all constructed with configurable security in mind.
ISO 27001 is the international standard that lays out the specifications for implementing an information security management system (ISMS).
E-Sign first obtained its IS027001 certification for electronic signature and document management in 2014 and has been re-certified every year since.
E-Sign has created an ISO 27001 compliant information security management system which is maintained and improved annually.
THE ISMS is audited on an annual basis by an external UKAS accredited certification body.
Cyber Essentials is a United Kingdom government information assurance scheme that is operated by the National Cyber Security Centre (NCSC). It encourages organisations to adopt good practice in information security.
Cyber Essentials also includes an assurance framework and a simple set of security controls to protect information from threats coming from the internet.
It was developed in collaboration with industry partners, including the Information Security Forum (ISF), the Information Assurance for Small and Medium Enterprises Consortium (IASME), and the British Standards Institution (BSI), and it is endorsed by the UK Government. It was launched in 2014 by the Department for Business, Innovation and Skills.
E-Sign is the only electronic signature provider trusted on the Public Service Network. The PSN is the UK Government’s high-performance network, which enables public sector organisations to work together, reduce duplication and share resources.
Government organisations and health trusts access the PSN for secure and trusted digital services, that meet strict regulatory requirements and provide assurance that the service they access has the highest security standards, is exceptionally reliable, and can address issues within a rapid timeframe.
With the rapidly growing digitisation of document management and cloud-based solutions, the need for trustworthy providers has never been more important. The E-Sign document management and electronic signature solution provides businesses with improved efficiencies and major cost savings, creating enhanced advantages over competitors.
Compliance process for many government computer systems in the UK
An ITHC, or IT Health Check, is an IT security assessment that’s part of the compliance process for many government computer systems in the UK.
Generally performed by an external service provider, an ITHC touches on both applications and infrastructure and involves an element of penetration testing.
This accreditation is essential for any company wishing to supply services to public sector organisations via the Public Service Network.
By meeting these requirements and more, E-Sign is able to supply our digital solutions on the PSN, making us the only e-signature on the market with the ability to do so.
We take security and data protection legislation extremely seriously
We ensure data confidentiality, integrity and availability through a robust combination of policies, processes and independent evaluation. Data is hosted in and does not leave the UK.
Relevant accreditations include Crown Commercial Services (formerly G-Cloud) framework provider, PSN ISO/IEC 27001 Information Security Management, ISO 9001 Quality Management and Cyber Essentials.
The approach to our architecture affords us excellent resilience in the context of Business Continuity, Disaster Recovery (DR) and High Availability (HA). We have chosen two geographically separate locations to host our servers to maximise failover and load balance options. E-Sign follow the ISO/IEC 27001:2013 – Information Security Management standard.
With the ability to select a customisable password for the E-Sign platform, you can be sure that all users set hard-to-break passwords that effectively protect your sensitive business information from prying eyes.
With two-factor authentication ensuring any password resets are legitimate, you can be sure that extra security measures are in place to protect your account from hackers.
To ensure your signing process is protected from fraud, you can integrate eSign’s ID Checker to confirm the identity of your signers before they can access any business sensitive data.
To offer additional protection for your business information, you can enable SMS authentication and password protection for all documents, ensuring only authorised personnel can access the contents.
Implement secure access control and provision new users for all of your corporate apps with Single Sign-On (SSO). SSO streamlines and secures user login by requiring a single password across all SSO-capable apps.
Every completed document is supported by a digital certificate documenting the author, signers, devices used, IP addresses, time, and date stamps and an advanced audit trail to record your document transaction at every stage.
