Intralinks Audits and Certifications
Security first: minimize collaboration risk.
The Intralinks security model is based on four pillars: application, infrastructure, personnel and process. Combined, these pillars ensure that our clients have secure cloud-based content collaboration services that adhere to information security best practices.
But don’t take our word for it. We have passed every one of our 280+ client audits, and we welcome the opportunity to prove to you that we’ll meet or exceed all of your security and compliance requirements.
Customer-led audits and penetration tests.
Since our incorporation in 1996, customers have led over 280 audits of our Intralinks platform and virtual data rooms. With this level of transparency, we have cultivated relationships with our clients that are based on a deep appreciation for the security of our product and services. Want to see what’s behind the curtain? Be our guest. Our customers and auditors routinely conduct physical datacenter walk-throughs, engage in focused and detailed review sessions with the Intralinks Security and Operations team and lead source code reviews.
- Risk-based multi-factor rules engine
- Data-driven authentication rules
- Channel-driven single sign-on
- Data encryption at rest and in transit
- Built-in information rights management (IRM) and dynamic watermarking
- Global zones
- Hardware security module to host customer managed keys
- DDoS protection and web application firewall
- Secure DNS/Website cloaking
- BSIMM process
- UserID dissemination
- Dedicated security team
- Security operations center
Our platform is fully certified and validated.
Today’s global enterprises require collaboration capabilities with robust reporting and compliance features. Our platform provides comprehensive electronic communications reports, including activity tracking, auditing, and security and compliance event reporting. Intralinks easily integrates with enterprise GRC systems and readily adapts to the ever-changing demands of regulatory compliance, so you can always be at the top of your game. We’re certified and compliant across industries and around the globe, including:
- ISO/IEC 27001 certified
- SOC 2 Type II (formerly SAS 70 Type II) certified since 1999
- SSAE 16/SOC1 certified [US and UK data centers]
- ISO/IEC 20000-1 certified [US and Germany data centers]
- ISO 9001 certified [UK and Germany data centers]
- ISO/IEC 22301 certified [Germany data centers]
- ISO/IEC 14001 certified [Germany data centers]
- ISAE 3402 certified [UK and Germany data centers]
- 21 CFR Part 11 validated for electronic records
- DoD 5220.22M compliant
- SOX compliant
- German Copyright Act (Urheberrechtsgesetz) § 101 compliant
- EU Directive 95/46/EC for the protection of personal data compliant
- German Bundesdatenschutzgesetz (BDSG) - Federal Data Protection Act compliant
We support all of your compliance and certification needs.
For over 20 years, Intralinks has provided technology solutions for companies that operate in highly regulated industries. We readily adapt to ever-changing regulatory demands, so we support your ongoing compliance with industry requirements. Currently, we support:
21 CFR Part 11 for electronic records
Gramm-Leach-Bliley Act (GLBA)
MASS 201 CMR 17.00
SEC Rule 17g-5
More than 170 Intralinks clients have performed audits and/or due diligence on our security operations and processes to verify our operational controls, procedures, and technology meet their security standardsLarry Albrecht Senior Vice President- Operations Midwest BankCentre