Single-Tenant Security
Our unique single-tenant architecture provides unparalleled security–along with data and resource isolation–for greater control and peace of mind.
DiscoveryPartner is the only search and discovery platform that runs in its own private environment, designed to take advantage of the unique capabilities of the cloud, including the creation of isolated, single-tenant client environments.
Each site runs in a separate environment, protected in a virtual private cloud (VPC) with dedicated hardware and software. These VPCs are shielded from the Internet and can only connect through a limited hardened gateway, making them invisible to random hackers.
Our unique single-tenant / VPC configuration ensures that each site runs on its own private computing resources, with the main infrastructure serving only a single matter. Each case is kept separate from others with a unique URL and login credentials, preventing data commingling and unauthorized access.
The benefits of our single-tenant environment include:
- Isolation: Data and servers are isolated using dedicated and private networks. Documents and data for each matter are kept in a separate datastore, not shared with other cases. All servers are deployed in private networks with no direct outbound internet access, and communications between servers and cloud services happen via secure, private network links.
- Dedicated Resources: All resources, including hardware, software, and storage, are dedicated to a single organization, ensuring exclusive access and control over the ediscovery environment.
- Customization: DiscoveryPartner offers a high degree of site and security customization, allowing clients to tailor the environment to their specific needs, workflows, and compliance requirements without affecting other environments.
- Performance: With resources dedicated to a single site, all bandwidth is available for the matter. Server configurations can be easily expanded and customized for optimal performance when dealing with large volumes of data and complex search queries.
Our single-tenant architecture allows us to size computing resources to meet the needs of each matter, deploying smaller sites for smaller matters to save on costs and resources, and quickly scaling up when matters grow larger.
Enhanced Security
Our single-tenant Virtual Private Cloud architecture provides greater security and data isolation.
Scalable Resources
Quickly scale servers and databases up or down as projects require with dedicated cloud resources.
Global Hosting
Meet data privacy, HIPAA and business requirements with local hosting that can be set up overnight.
The Power of Virtual Private Clouds
Merlin leverages the power of virtual private clouds (VPCs) to provide secure, isolated, and personalized environments for each matter we host.
A VPC is a secure, isolated virtual network within the cloud, designed to offer an optimal level of security and control, similar to a traditional on-premise data center but without the associated physical infrastructure costs. A VPC is housed within a public cloud environment, yet maintains a distinct separation from other users of the cloud, providing a personalized, secure computing environment.
As such, a VPC serves as the backbone for secure and customizable cloud solutions, enabling Merlin to provide:
- Additional security measures to meet your specific needs
- Control over your environment for HIPAA and data privacy compliance
- Enhanced access restrictions and individual monitoring
Our VPCs have no direct connection to the Internet or outside world except through a highly secure load balancer that handles traffic to and from each site. Even though it sits in a public infrastructure, servers within the VPC are all but inaccessable to hackers or other bad actors.
By leveraging VPCs, Merlin ensures that each client’s environment is completely isolated and tailored to their unique security and compliance needs, reinforcing our commitment to providing the highest level of data protection and control in the ediscovery process.
Scalability for Optimal Performance
Merlin’s single-tenant VPC architecture offers unparalleled scalability, ensuring that your ediscovery environment can quickly adapt to your changing needs. With a VPC, you’re not confined to static physical infrastructure. Instead, you have a dynamic computing environment that can effortlessly scale up or down to meet the ebb and flow of your business requirements.
When demand spikes, whether due to sudden influxes of data during large-scale litigation or increased review activity, we can scale up the computing resources within your dedicated VPC by:
- Adding more servers, whether to accommodate a heavier review load or to handle unexpected increases in document or data load; or
- Increasing the computing power of existing servers with a few simple clicks, ensuring uninterrupted, high-performance operation, even under heavy loads.
When demand recedes, we can easily scale down resources to prevent unnecessary expenditure. This flexibility offers not just an optimal operational environment but also a cost-effective solution. Our goal is to adapt swiftly to your changing needs, ensuring that you have the right resources at the right time, without overpaying for unused capacity.
Customizable Security
In the world of digital data, the need for robust security and privacy cannot be overstated. Particularly when dealing with PII or data subject to HIPAA, a customized approach to data hosting is not just a nice-to-have, it’s a necessity. Merlin understands this critical requirement and leverages the flexibility of single-tenant architecture to offer highly customizable solutions for each client.
Each VPC acts as an independent fortress, providing a secure environment where data is not only stored but also transmitted and processed under the highest standards of security and privacy. Whether it’s enabling enhanced access restrictions, implementing additional encryption methods, providing special monitoring or securing data transmission channels, we can fine-tune each component of your cloud environment to ensure compliance with GDPR, HIPAA and other data protection regulations.
Global Hosting for Data Privacy
Merlin’s single-tenant VPC architecture offers the flexibility to choose your preferred hosting location, ensuring compliance with data sovereignty requirements. This is particularly crucial in an era of increasing focus on data privacy and security, with regulations like GDPR, CCPA, and HIPAA setting strict standards for how data must be handled.
With Merlin, you can:
- Comply with data privacy regulations: Ensure that your data is subject to the laws and regulations of the country or region where it is hosted, giving you greater control over how your data is handled and helping you meet the requirements of various data privacy regulations.
- Leverage private or government-approved environments: Host your VPC in a client’s private AWS environment or a government-approved FedRAMP environment, depending on your specific compliance and security needs, such as those outlined in HIPAA or other industry-specific regulations.
- Adapt to changing regulatory landscapes: Quickly and easily adjust your hosting location as data privacy and security regulations evolve, ensuring ongoing compliance with new or updated standards like the CPRA.
By providing the freedom to choose your hosting location, Merlin empowers you to meet your unique data sovereignty requirements, no matter where your ediscovery needs take you. Whether you’re navigating GDPR, CCPA, HIPAA, or other data privacy regulations, Merlin’s global hosting options ensure that you can maintain compliance and keep your data secure.
Application Security
Single Tenant
Our site run in dedicated environments without data commingling. Each matter runs in separate database, search and storage servers that can be protected from inside and outside intervention.
Multi-Party
We provide private fields and shared folders as standard issue. User groups get private tag sets and shared searches so they can work together while protecting group work products.
Audit Logs
Extensive auditing and logging capabilities let administrators track each person's use of the site. Document views, tags, searches and other actions are tracked throughout.
End to End Encryption
Data is encrypted in transit and at rest to ensure maximum security using industry leading protocols including TLS and AES-256. This ensures that data is protected at all times on the Merlin platform and between Merlin and its users.
Document Lockdown
Requests to view a document must be accompanied by a time-limited Authorization Ticket before access is granted. This keeps users from improperly sharing files and hackers from traversing file servers.
Permission-Based Roles
Merlin provides granular Role-based Access Control (RBAC) in which every function in the Merlin software platform is available as a permission that can be assigned to a role. Administrators can limit available fields and actions.
Robust Cloud Enhanced Security With AWS
Governments, financial institutions, and major corporations are increasingly moving their sensitive data and critical operations to the cloud, recognizing that cloud providers often offer a higher level of security than they can achieve in-house.
At Merlin, we’ve embraced this reality and built DiscoveryPartner on the foundation of Amazon Web Services (AWS), the world’s leading provider of secure public cloud services. By leveraging AWS’s cutting-edge security features and services, we ensure that our users benefit from the speed, scalability, and cost savings of the cloud without compromising on security.
DiscoveryPartner isn’t just hosted on AWS; it was designed from scratch to leverage the cloud’s full potential, especially its extensive array of security features and services. This purposeful integration ensures that our users enjoy all the advantages of the cloud while benefiting from an enhanced security environment that AWS uniquely offers.
Physical Security and Infrastructure
- Secure Facilities: AWS maintains highly-secure facilities that are locked-down and monitored 24/7. With decades of experience managing our own environments across private data centers, we find AWS to be more secure for several reasons, including the fact that they are staffed with many of the world’s best information security professionals.
- Extensive Certifications: As a provider of infrastructure for government agencies and large entities worldwide for over a decade, AWS maintains an extensive list of security certifications, including multiple ISO badges, FedRAMP, PCI, HIPAA, SOC, and dozens of others. In total, AWS holds over 40 U.S. and international audit certifications.
- Data Encryption: AWS simplifies the use of industry-leading encryption technology for securing data in transit and at rest. Encryption ensures that data is only accessible by authorized identities and/or services, regardless of the data’s location.
- High Availability and Redundancy: AWS provides a highly available infrastructure spanning the globe. Each AWS region contains several availability zones made up of multiple distinct and highly secure data centers. Deployments on AWS can leverage these data center resources to maximize service availability in ways that would otherwise be difficult to achieve.
- Advanced Security Services: We take advantage of multiple services offered by AWS to protect client data and supplement our security practices. If you need extra security for your site, we can offer a wide range of special options to further strengthen the protections inherent in a single-tenant environment, ultimately giving you complete control over your site.
Our goal in developing DiscoveryPartner was to leverage all the security advantages offered by the AWS environment, taking it to the next level with our unique single-tenant architecture. By combining the robust security features of AWS with our purposefully designed platform, we ensure that your sensitive data remains secure and protected throughout the eDiscovery process.