Docusign Trust Center

Trust Center

Your source for our latest security &
system performance information

Meeting the most rigorous security standards in the world

DocuSign meets and exceeds some of the most stringent US, EU, and global security standards. DocuSign's commitment to and significant ongoing investment toward protecting customer data extends to all of DocuSign's operating environments, not just the core DocuSign Signature service itself —and third-party audit reports back it up. DocuSign is ISO 27001:2013 and SSAE 16, SOC 1 Type 2, SOC 2 Type 2 certified and tested internationally – across the entire company and its data centers.

Learn More

Jan. 12, 2018

Update 1/12/2018 - DocuSign Meltdown and Spectre Response Status

Our security and engineering teams have completed validation testing and have been actively rolling out patches to address the Meltdown and Spectre vulnerabilities across all of our environments. We have taken a methodical approach to remediation using a canary system ...

Jan. 4, 2018

Update 1/4/2018 – DocuSign Meltdown and Spectre Security Alert Status

On January 4th three information security vulnerabilities were released, CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754, which exploit critical vulnerabilities in modern processors. These hardware bugs, known as Meltdown and Spectre, allow an application unauthorized access to read system memory.

Upon learning of ...

Dec. 5, 2017

Update 12/5/2017 @ 9 AM Pacific Time - New Phishing Campaign Observed Today

DocuSign has observed a new phishing campaign that began the morning of December 5th (Pacific Time)