Skip to Main Content

I was 30,000-feet in the air, somewhere between Boston and San Francisco, when my daughter needed my help. She’d recently graduated from nursing school and was trying to land her first place of her own.

I think any father can understand the feeling I had. She was about to launch the next adult phase of her life, and she needed a little assistance from her pops.

Luckily, the year was 2021, and all it took was a mouse click for me to help my not-so-little-anymore girl.

It’s the sort of thing that we take for granted these days—the type of everyday miracle that can easily get lost in the morass of bad news and worries blighting the modern landscape. It seems a small thing amidst COVID-19, lockdowns, inflation, and political strife. That’s not even mentioning everyday frustrations like tightening waistbands and broken shoelaces.

It’s no small thing, though. Not really.

A plane flies directly above buildings. View from the ground.

Many industries have a saying that encapsulates this idea – my editor says for writing its “easy reading is damn hard writing.” In this case, it would be something like “an easy product is damn hard business.”

Underneath that single click using the DocuSign platform, there are layers upon layers of challenges, security, and architectures that we, as everyday users, never see because all of that hard stuff is built right in.

It all comes together though so that, even 30,000 feet above the ground, a dad can help his daughter get her start in the world with a single click.

What is DocuSign?

DocuSign empowers businesses, customers, and collaborators to sign agreements securely and legally via computer.

In my case, DocuSign was the technology behind that 30,000-foot-high mouse-click that helped my daughter get her new home. DocuSign’s capabilities extend far beyond this single use-case, though, including (but not limited to):

  • Rent agreements
  • Purchasing orders
  • Vendor agreements
  • Compliance forms
  • Nondisclosure agreements
  • Invoicing
  • Pretty much anything requiring legally valid and secure signatures

Signatures made with DocuSign are every bit as binding as those made on paper. Its use has become so common today that we don’t really consider how powerful that that fact is, how much goes on behind the scenes to make this easy thing a possibility.

Building a digital system reliable and secure enough to stand up even in court poses a host of problems, starting with the simple fact that there is no physical handwriting with which to validate the hand that wrote it. And that’s just scratching at the surface of the challenges that DocuSign has overcome, like monitoring and management of infinite contract lifecycles (CLM) and AI.

Despite these difficulties, though, DocuSign has persevered and empowers us to sign important documents at any time of any day from anywhere.

But Is DocuSign Really Secure?

That’s really the crux of the matter, isn’t it? Despite widespread adoption and usage, there are still holdouts (understandably so), due to security issues. The short answer to this question, though, is, “Yes, DocuSign is secure.”

If it wasn’t, the product wouldn’t (and couldn’t, in some cases) be used by:

  • Over 1 billion individual users
  • 40 million clients
  • 3,000+ government agencies
  • 90 percent of the Fortune 500 companies

DocuSign meets or exceeds standards for both the United States Electronic Signatures in Global and National Commerce (ESIGN) Act and the Uniform Electronic Transactions Act (UETA) because, like previously mentioned, DocuSign signatures hold up in court.

DocuSign’s built-in digital audit trails eliminate human error versus wet signatures, and also provide more information than the way a person makes a particular loop of an ‘o’ – they retain IP addresses, dates, times, and location for every step of the contract lifecycle and process. This is all valuable information for courts.

In my case, obviously, the intent isn’t to end up in court over a lease agreement. There is comfort in knowing that, should an issue arise, the document my daughter signed on the ground and I signed in the air is admissible in court.

In reality, anything we ink our signature on (digital or wet) needs to be prepared as if court is a possibility.

Because of this, DocuSign takes security very seriously, ensuring digital signature security using three broad categories, with each having their own parameters of reliability.

A man signed a document with a calligraphy pen.

Physical Security

The actual, physical computers holding the records, better known as servers, as well as employees and executives (who can be individually targeted by cybercriminals) have a slew of protections about them, including:

  • Top-of-the-line firewalls and malware protection
  • Physically and logically separated networks stores in multiple facilities spread around the world and using energetic and redundant systems
  • Nearly real-time record replication
  • 24-hour physical onsite inspection and protection via security cameras and guards
  • Strict personnel access controls
Platform Security

DocuSign puts the utmost effort into protecting the data inside the servers, the valuable documents being sent through:

  • Requiring data to give right-of-entry and transfer through Hypertext Transfer Protocol Secure (https)
  • Envelope Histories and Certificates of Completions that keep step-by-step record of the path the signature
  • Signature verification
  • Multiple authentication options that can be customized by users
  • Automated alerts that catch evidence of tampering
  • Security Assertion Markup Language
Security Certifications and Methods

DocuSign employees, vendors, and all other persons working with the product are proficient in maintaining the security of DocuSign infrastructure. DocuSign:

  • Meets or exceeds standards of compliance with various laws, policies, and standards, including ISO 27001:2013 (the world’s highest level of safety assurance), SOC 1 and 2, the Payment Card Industry Data Security Standard, Cloud Security Alliance Security Trust Assurance and Risk, and others.
  • Employs security management techniques and practices
  • Carefully manages and trains employees in best cybersecurity practices
  • Performs daily digital security audits

A smartphone on a bright yellow background. It has a purple screen with a white lock in the center.

Secure Then, Secure Now

This company began as a pioneer in reliable signature technology and, today, is at the forefront of innovation in the CLM field. DocuSign takes great pains to meet or exceed the most stringent protection requirements of the United States, the European Union, and other major standard-setting bodies worldwide.

That security holds true whether being used for full contract lifecycle management or simply signing a document while flying to and from a conference — a capability that I will forever be grateful for because it let me be “there” for my daughter even when I couldn’t physically be present.

DocuSign let me be Super Dad™ all with a single click.

John Santos
Manager in the DocuSign Practice, Spaulding Ridge
About the Author

John Santos is a Manager in the DocuSign Practice at Spaulding Ridge. He is a customer-focused business partner with 20+ years of experience.