Security overview

Security overview

DocuSign’s enterprise information security program is an integral part of our global operations. In fact, information security is in our DNA and engrained in our people, processes, and technologies.

Our approach is simple: every employee is responsible for information security, including protecting:

• DocuSign-owned information assets
• Customer and partner information assets
• The underlying technology infrastructure generated, processed, and stored in DocuSign environments

We further ensure the safety of customer data by restricting employee access to the DocuSign production environment to only ongoing maintenance activities. Employees with this access undergo additional information security training. 

As an agreement cloud company, we’ve also invested heavily in:

• Maintaining and growing our threat intelligence and cybersecurity capabilities
• Building a dedicated compliance team who provides independent assurance that our enterprise information security program meets or exceeds national and international security standards and follows industry best practices
• Supporting employees across all the information security domains with dedicated subject matter experts

Moreover, our program is subject to annual independent audits for compliance and industry standards certifications, ensuring that our program not only meets but exceeds the most stringent of security requirements.