Deliver a secure experience.

Trust begins with security. Maxwell protects data with enterprise grade security, aiming to exceed industry standards when it comes to protecting you.

Our security approach.

The security of your data, and your borrowers’ personal & financial information, are a top priority for us. Here’s a look at our comprehensive approach to data security:

  • Our information security approach is multi-layered with robust access controls, monitoring and reporting, and infrastructure security.
  • We are open and transparent with our security program, including reviews, of our information security policies, third-party code reviews and penetration tests.
  • Maxwell is proudly SOC2 Type II Certified

Enterprise-grade encryption and data security.

Maxwell’s digital platform ensures security of data both at-rest and in-transit. 

  • Maxwell stores data encrypted at-rest with AES-256, block-level storage encryption. This is the same technology that banks use to keep personal account information safe. 
  • All requests and responses, including website and API access, enforce Transport Level Security (TLS) using SSL. 
  • Maxwell has secure and direct integrations with over 1,500 financial institutions, ensuring accurate and protected gathering of financial documents, bypassing unsecure email communication — protecting your borrowers and your organization from inaccurate or corrupted files. 
  • All information and documents uploaded, downloaded, or transmitted through Maxwell’s service are processed using secure data encryption as well as virus and malware checks.

Trusted data partners.

We hold our service partners to very high standards. 

  • We have deep partnerships with recognized hosting and content management partners with ISO 27001 and SOC2 Type II certifications, along with FINRA and Safe Harbor approvals. 
  • Data centers, co-location, and managed service providers undergo regular SOC1, SOC2, and/or ISO 27001 audits to verify their practices. Maxwell reviews the results of these audits at least annually as part of our vendor management program. 
  • In the event these audits have material findings which we determine present risks to Maxwell or our customers, we work with the service provider to understand any potential impact to customer data and track their remediation efforts until the issue has been resolved.