Security & Compliance
Security first.
Protect your critical data with patented end-to-end encryption.
The only cloud-based collaboration provider to combine true end-to-end encryption, on-premise key ownership, and enterprise-class admin control into one extensible platform.
Encrypted when sent, decrypted when received
Message contents are hidden between sender and receiver and never decrypted while in the cloud. This means neither Symphony nor anyone else can decrypt your content.
Secure cloud processing
Our platform offers end-to-end encryption. Even if your content is breached in the cloud, it remains encrypted. Symphony can never see your data, unlike other collaboration providers.
On-premise key ownership
Symphony customers get full physical and exclusive control of decryption keys with an on-premise deployment of Hardware Security Modules.
Security and Compliance
Symphony security and compliance programs are based on federal (NIST) and global (ISO) standards
EU-U.S. Privacy Shield & Swiss-U.S. Privacy Shield
Verasafe™ Privacy Program member
SOC 2 Type II Report covering Security, Confidentiality and Availability Trust Principles, & HIPAA Security
FS-ISAC Affiliate Member
Symphony has implemented security controls that comply with HIPAA security requirements. These controls are also independently audited in Symphony’s SOC 2 Report.
View our GDPR Whitepaper for information about Symphony’s strategy for complying with the EU General Data Protection Regulation.
Safeguard your business
A secure collaboration platform is the all-important foundation for digital transformation.
Uncompromised user experience
Enjoy file-sharing, voice and video chat, automated workflows and integrated bots, with everything encrypted.
Enterprise-class administration
Granular controls for deploying and managing security capabilities such as Single Sign-On, Mobile Device Management (MDM), two-factor authentication and more.
Archival record compliance
Symphony retains and archives all encrypted communications for any compliance measure or record keeping you require.
Everything secure, for everyone, everywhere
Your communications are encrypted on Symphony no matter what platform or device.
Most collaboration security falls short
Some cloud collaboration providers offer encryption “at rest and in motion.” They claim to be secure, but repeatedly decrypt your messages during cloud processing. Data may be vulnerable in those moments.
These providers also want you to believe that bring-your-own-key (BYOK) policies are as strong as Symphony’s patented end-to-end encryption. In the cloud, BYOK exposes data and files in clear text, making them as vulnerable as any other sub-par security measure.
Symphony’s true encryption stands above
By contrast, Symphony offers true end-to-end encryption. All enterprise customers have full, physical and exclusive access to keys. We do not decrypt objects on cloud servers.
Further, keys are created by customers and remain entirely in their hands. Even if the cloud service is breached, the keys remain safe because they aren’t even present in the cloud.
Simply put, Symphony’s security protects data better. And we’d be happy to demonstrate.
Mobile security alliances
Symphony teams up with top MDM solutions for ultimate security.
Resources
Read an expert’s breakdown of Symphony’s complete security.
Read more: