
What is the Zero Trust Security Model and how does Cincel apply it?

In today's digital ecosystem, where cyber threats are increasingly sophisticated, security cannot be optional; it must be a fundamental pillar. At Cincel, our mission is to ensure that your documents and digital transactions have maximum protection and legal validity. Therefore, we adopt and apply the robust Zero Trust Security Model.

This model represents a revolutionary security philosophy that starts from a simple but powerful premise: "Never trust, always verify." Instead of assuming that everything inside a network is secure, Zero Trust assumes that any user or device, whether internal or external, could be a potential threat.

 



What is the Zero Trust Model?

The Zero Trust model is based on three fundamental principles:

  • Explicitly Verify: Every person or device attempting to access a resource must be rigorously authenticated and authorized, regardless of their location or whether access has been previously granted. Identity and device integrity are validated before any connection.
  • Least Privilege Access: Users are granted the lowest level of access necessary to perform their activities. This access is granted temporarily and is continuously evaluated.
  • Assume Breach: Organizations must operate under the premise that a breach is inevitable. Therefore, security controls and constant monitoring are implemented to quickly detect and contain any unauthorized access.

 

By implementing these principles, Zero Trust eliminates the idea of a trusted network perimeter and requires constant verification at every access point.



Cincel and the implementation of Zero Trust

At Cincel, we integrate Zero Trust principles into every layer of our platform to protect your documents and data with maximum rigor.

  1. Explicit Verification in each Interaction: 
    • User and Signer Authentication: Every access to Cincel requires explicit authentication. For platform users, this involves a secure login. For guest signers, a secure link and, in some cases, a unique access code are generated, ensuring that only the authorized person can access the document. 
    • Limited handling of the e.firma: We understand the sensitivity of your e.firma. Therefore, at Cincel, we never store your .CER, .KEY files or your password. Every time you sign with e.firma, you must upload them again, guaranteeing that only you have absolute control over these critical elements and that they do not persist in our systems. 
    • Proof of Life (Identity Verification): For transactions that require an additional layer of certainty about the signer's identity, we offer the Proof of Life option. This involves a biometric verification that ensures the person signing is truly who they claim to be, adding an explicit and robust validation. 
    • Geolocation: If the document creator configures it, Cincel requests geolocation at the time of signing, adding a verifiable data point about the location from which the action is performed. 
    • Detailed Audit Trail: Every action in Cincel is meticulously recorded in an Audit Trail. This digital certificate details who signed, when, from which IP address, with what type of signature, and whether any identity verification was performed, creating an immutable record of all interactions.
  2. Least Privilege Principle: 
    • Specific User Roles: Our platform is designed with user roles (Administrator, Editor, Reader) that grant strictly necessary access to documents and functionalities. Signers and observers only have access to the specific documents they were invited to, limiting information exposure. 
    • Controlled access to documents: Documents are only visible to their creator, invited signers, and team members with appropriate permissions. Cincel does not grant generalized access to information, ensuring confidentiality. 
    • Privacy of document content: Cincel processes documents and generates cryptographic hashes to ensure their integrity, but does not access or store the content of your documents for its own purposes. The privacy of your information is paramount.
  3. Assuming a security breach (Assume Breach) with multiple security levels: 
    • AWS Cloud Infrastructure: Cincel is hosted on Amazon Web Services (AWS), the world leader in cloud services. AWS operates under strict Zero Trust principles and provides a robust infrastructure with multiple layers of physical and logical security, continuous monitoring, and world-class compliance certifications. 
    • Data encryption: All communications and data in transit in Cincel are protected by SSL/TLS encryption, guaranteeing the confidentiality and integrity of information while it is transmitted. 
    • Notarization with Blockchain: As an additional and redundant layer of security, Cincel notarizes your documents with Bitcoin and Ethereum Blockchains. This creates an immutable and publicly verifiable record of the existence and integrity of the document at a specific point in time, offering external proof even if internal systems were compromised.

The implementation of the Zero Trust Security Model in Cincel is not just a feature; it is the foundation of our promise of security and trust. By verifying every interaction, limiting access privileges, and building multiple layers of defense, we guarantee that your digital documents are protected under the most demanding standards, giving you the peace of mind that your agreements are secure, legal, and completely reliable.

 

💡 Cincel Tip: The combination of the NOM-151 certification issued by an authorized Certification Service Provider (PSC) and Blockchain notarization ensures the integrity of your documents over time, providing them with "Certain Date" and unshakeable probative value.