Security & SOC 2 Compliance for Tax Client Documents
XyloDocs' secure document exchange is one part of our AI client communication platform for tax firms.
Your clients trust you with their financial lives.
You trust us with their documents. Here's exactly how we protect that trust.
Security program overview
Hosting, encryption, product controls, and compliance status — organized by topic below.
🏢 INFRASTRUCTURE
Hosting
AWS (Amazon Web Services)
Region
US East (Primary)
Uptime
99.9% SLA
Backups
Daily automated backups, 30-day retention
Redundancy
Multi-region deployment
🔐 ENCRYPTION
In Transit
TLS 1.3 (latest standard)
At Rest
AES-256 (military-grade)
Architecture
Zero-knowledge encryption
What this means: Your documents are encrypted before reaching our servers. We cannot decrypt or access your files, even if requested.
SSL Labs Rating
Overall Grade: A
Certificate
100
Protocol Support
100
Key Exchange
100
Cipher Strength
100
🛡️ SECURITY FEATURES
Automatic link expiration
Shared links automatically expire after set time periods
Password-protected shares
Add password protection to any shared document
Virus/malware scanning
All uploads are automatically scanned for threats
Audit logs
Track every access and action with comprehensive logging
Rate limiting
Prevent abuse with intelligent rate limiting
Email verification
All accounts require verified email addresses
Session timeouts
Automatic session expiration for enhanced security
📋 COMPLIANCE
❓ QUESTIONS?
Security concerns: security@xylodocs.com
General inquiries: hello@xylodocs.com