Merlin's cloud-native architecture offers flexibility, redundancy, high availability and enhanced security options.
Increased Security and Flexibility
Sherlock Integrated Search was purpose-built for the AWS Cloud. For increased levels of security, we chose a cloud-native architecture that included designing our sites to run in separate virtual private clouds (VPCs). We also chose against using the standard multi-tenant model in favor of building our sites using a uniqueย single-tenant architecture.ย There are a host of advantages to single-tenant sites including greater security, no commingling of data and the ability to spin sites up and down at will. It also allows us to redefine hosting pricing and to be the first to offer Cloud Utility Pricing.ย
Learn more about our unique Single-Tenant Architecture and Cloud Utility Pricing.ย
Application Security
We offer a host of security options designed to ensure control over your data access from upload to archive. In addition to cloud monitoring and active firewall management, we use these best practices to protect data from improper access:
Encryption in Transit and at Rest
Data is encrypted in transit and at rest to ensure maximum security using industry leading protocols and ciphers including TLS and AES-256. This ensures that data is protected at all times on the Merlin platform and between Merlin and its users.
Secure Document Lockdown
Requests to view a document must be accompanied by a time-limited Authorization Ticket before access is granted. This keeps users from improperly sharing files and hackers from traversing file servers.
Permission-Based Roles
Merlin provides granular Role-Based Access Control (RBAC) in which every function in the Merlin software platform is available as a permission that can be assigned to a role. Administrators can create roles for any combination of functions, limiting the fields and actions available for each user.
Single Tenant Environments
Our systems run securely in dedicated environments where customer data is never co-located. Each matter runs on separate database, search and storage servers that are protected from both internal and external threats.
Optimized for Multi-Party Use
We provide private fields and shared folders as standard issue. User groups get private tag sets and shared searches so they can work together while protecting group work products.
Complete Logging and Auditing
We provide full auditing and logging capabilities so site administrators can track each person's use of the site. Document views, tags, searches and other actions are tracked throughout.
Cloud Operations
We structured operations practices to meet or exceed applicable industry standards for privacy and data security both in the U.S. and around the world. To support that objective, all Sherlock deployments are hosted in Amazon Web Services (AWS), one of the leading cloud infrastructure and services providers.ย Like many of the worldโs leading cloud based software providers, we use AWS to provide infrastructure, networking and advanced security services. We then integrate security best practices into software design and data practices.ย
From the beginning, our goal was to create a cloud-based software platform that drives business value while meeting or exceeding our clientโs data protection requirements. Merlin works every day to earn the trust of our clients to host their data in the cloud more securely than if it was behind their own firewalls or private data centers.
Cloud Security
Those new to the public cloud may fear they are compromising security for speed, scalability and cost savings. In fact the opposite is the case. Rather than build our own data centers, as we have done in the past, we chose Amazon Web Services (AWS) as our infrastructure partner. AWS was the first to offer secure public cloud servicesย and it is the leader worldwide on cloud security.ย
Thus, from the beginning, we purpose-built Merlinโs software platforms to run on the Amazon cloud and to take advantage of the many security features and services it offers.
1. Physical Security
AWS maintains highly-secure facilities which are locked-down and monitored at all times. We have decades of experience managing our own environments across private data centers and find AWS to be more secure for a number of reasons, including the fact that they are staffed with many of the best information security professionals in the world. In addition, their locations are not publicly disclosed and customers are not allowed to enter the facilities. Only well-screened employees are allowed to enter and then only on a strict need to access basis.
2. Certifications
AWS has been providing infrastructure for government agencies and other large entities around the world for more than a decade. As a result, it needs to carry an extensive list of security certifications from multiple ISO badges, to FedRAMP (U.S. government required), to PCI, HIPAA, SOC and dozens of others. AWS carries over 40 U.S and international audit certifications.
3. Encryption
AWS simplifies the use of industry leading encryption technology for securing data in transit and at rest. Encryption ensures that data is only accessible by authorized identities and/or services regardless of the location of that data.
4. Redundancy
AWS provides a highly available infrastructure spanning the entire globe. Each AWS region contains several availability zones made up of multiple distinct and highly secure data centers. Deployments on AWS can leverage these data center resources to maximize service availability in ways that couldn’t otherwise be reasonably achieved.
5. Security Services
We take advantage of multiple services offered by AWS to protect client data to supplement our security practices.ย If you need extra security for your site, we can offer a wide range of special options to further strengthen the protections inherent in a single-tenant environment. Ultimately, you can take control of your complete site.
Our Goal
Our goal in developing the Sherlock platform was to create a cloud-based software product that drives business value while meeting and typically exceeding our clients’ data protection and privacy requirements. The Merlin team works every day to earn the trust of our clients to host their data in the cloud more securely than if it was behind their own firewalls.ย
If you would like to know more about our security practices, reach us at sherlock@merlindm.com.ย ย
"Thereโs no silver bullet solution with cyber security, a layered defense is the only viable defense.โ