ABBYY Cloud OCR SDK is a cloud-based service that can be integrated into your applications via REST API. Utilizing HTTPS requests, a variety of applications can be connected to the service, independently of their programming languages or supported platforms.
Trusted cloud environment on Microsoft Azure
ABBYY Cloud OCR SDK service is hosted on Microsoft Azure. All data, including personal data and uploaded documents, is processed and stored on Azure servers. No information is stored outside of the Microsoft Azure environment.
Microsoft is responsible for the security of the hosting Azure environment, including physical security, fault-tolerance, and redundancy, as well as operations and personnel security. Microsoft’s security procedures include encrypted communications and operational processes, identity and access management, intrusion detection, DDoS attack prevention, penetration testing, and other security measures. Microsoft’s security procedures and measures are described here.
ABBYY is responsible for the security and operations of the ABBYY Cloud OCR SDK service application, including the security of the operations and personnel security of ABBYY’s part of the service. ABBYY’s technical and organizational security measures include deployment of a variety of security technologies and procedures that prevent unauthorized access, use, or disclosure of uploaded documents and resulting data as well as protection of personal information.
GDPR compliant data processing
Your data will be processed in accordance with the GDPR requirements, if either:
- You choose Europe as the data processing location.
- Your domicile is in a country that is a member of the European Economic Area (EEA), the United Kingdom, or Switzerland.
Commissioned data processing
ABBYY offers data processing on ABBYY Cloud OCR SDK according to the European data protection laws for commissioned data processing of personal data.
Organizational security measures
Data access
ABBYY Cloud OCR SDK service is designed to be run without routine access to customer data by ABBYY personnel. A limited number of authorized ABBYY personnel may technically access customer data, while nobody at ABBYY is allowed to review your data.
Access levels
Access to the service by ABBYY employees is controlled and logged. Whilst there are several access levels, only a limited number of employees have access to the part of the system containing confidential data.
Auto-deletion
All uploaded data is automatically deleted from the service storage within 48 hours.
Encryption
ABBYY Cloud OCR SDK service utilizes encrypted data transfer using HTTPS protocol. Within the Microsoft Azure environment, the data transfer between storage and processing nodes is encrypted.
Code security
ABBYY Cloud OCR SDK was built using best practices for fail-safe architecture creation. In order to eliminate any critical issues we test ABBYY Cloud OCR SDK service for vulnerabilities every 6 months using application security scanners such as OWASP ZAP and xSpider.
Security certificate SOC 2 Type II
ABBYY Cloud OCR SDK is SOC 2 Type II certified – PwC (PricewaterhouseCoopers) has evaluated our product, infrastructure, and policies, and certifies that our service complies with SOC stringent requirements.
Data processing locations
All data is processed and stored within the Microsoft Azure environment in the Microsoft Azure data centers.
ABBYY Cloud OCR SDK leverages Microsoft Azure data centers located in the European Union and in the United States.
Prior to connecting your software applications to the ABBYY Cloud OCR SDK service, you can select the appropriate location where the data will be stored and processed.
Storage and automated deletion of documents
The documents are only stored on the service prior and during the actual processing step. After the processing step, document images and recognition results are irrevocably deleted in one of two ways:
- Immediately after the processing step, by using an API call.
- Within 24 hours after processing (per default settings).
All documents, including unprocessed document images, are automatically deleted within 48 hours after their upload.
Access to document images
ABBYY Cloud OCR SDK is an automated cloud-based service that processes uploaded document images fully automatically without any human intervention.
Access to the service for ABBYY employees is strictly restricted and seamlessly logged.
ABBYY employees have no access to uploaded document images and recognition results. Exceptional access is allowed only in critical situations when an image would adversely affect the functionality of the service.
24x7 monitoring of cloud operations
To assure high availability of the service, the performance of ABBYY Cloud OCR SDK is constantly monitored by a number of automated systems.
In case of any issue, a dedicated support team will be automatically instantly notified to resolve the issue.
Transparent information about the system’s performance
Users of ABBYY Cloud OCR SDK can continuously monitor the performance of the service via the Service Status Monitor Dashboards available for each data processing location. They can receive data about incoming workload, server load, and average time for queuing prior to processing as well as information about the availability of all subsystems in real time.
Service level agreement
ABBYY guarantees a minimum of 99% uptime for the ABBYY Cloud OCR SDK service.
Comments
0 comments
Please sign in to leave a comment.