Security & Compliance

Our commitment to security extends beyond the protocols we build into our technologies. It guides every decision and action we take.

Security & Compliance
Security & Compliance

For Users

Coveo’s secure indexing architecture and library of connectors allows your organization to use our search solutions and apps with total confidence and peace of mind.
  • Single-Sign On (SSO), for unified search that honors user and group permissions across all enterprise content sources
  • Personal business content, like emails, can only be searched and seen by the individual user, and any designated super-users (e.g. compliance officers)

For IT Administrators

With Coveo, administrators have precision control over search security, including what data is indexed, which users have access, and what reporting and auditing capabilities are delegated to other members of the management team.
  • Several indexing connectors that support early binding security
  • Integrated security cache to ensure user and group securities reflect current permissions across your IT architecture
  • Administrator Security Browser, for unified collection, source, and document-level security controls management
  • Coveo Usage Analytics service to track all user queries and search activity
  • Fully scope-able reporting and auditing tasks, to align with your segregation-of-duties protocols
Administrator Permissions Filters
Security Control Levels
Security Cache and Trimming

For Information Security Professionals & CISO

We are dedicated to the security, privacy and integrity of our customers’ data.

Our Operations, Infrastructure, and Team Reflect this Commitment:

  • HIPAA compliance and SOC II examination
  • Strong logical and physical access controls
  • Regular application and source code scanning
  • Comprehensive background checks on all employees
  • 24/7/365 live, dedicated operations team
  • 3rd party vulnerability testing

Coveo is Architected to Meet the Most Rigorous Infosec and Compliance Requirements

  • Full isolation of customer data, with AES 256-bit encryption both in-transit and at-rest
  • Cloud architecture is distributed across multiple availability zones and geographical regions for data resiliency and high availability
  • Coveo indexes are stored in a proprietary binary (non-human-readable) format on encrypted volumes
  • Secure authentication with OAuth, network segmentation (multi-tier architecture), and automated intrusion detection and response systems
  • Comprehensive Disaster Recovery protocols, including distributed backups
Learn more about Coveo Cloud Security