Security & Trust

At Duck Creek, our goal is to provide a safe and secure environment leveraging leading technology and best practices to protect your most sensitive data and help you manage your compliance requirements.

Security Trust Hero
Shared Responsibility

Our SaaS platform called Duck Creek OnDemand provides a shared model for how our services are provided. Together with Microsoft and their Azure cloud services, we partner with customers to create a secure, flexible architecture supporting security and regulatory requirements in the cloud.

Physical Security

Microsoft’s Azure Cloud services are trusted by over 95% of Fortune 500 businesses and support over 90 compliance offerings in 140+ countries, providing levels of physical security that most companies struggle to achieve. For more information about Azure Compliance, please visit the Microsoft Trust Center at https://www.microsoft.com/en-us/trust-center.

Security Operations

Duck Creek has a dedicated staff covering security operations, security architecture and our governance, risk, and compliance initiatives. This team is lead by the Duck Creek Chief Information Security Officer operating out of our Rosemont, IL office where our Security Operations Center is located. The security operations staff monitors activity 24×7, protecting against malicious activity and is ready to respond to any incident.

Architecture

Our OnDemand services are architected to provide numerous layers of protection, including web application firewalls and secure gateways at the edge, network isolation, multi-factor privileged access management, host-based firewalls, content filtering and advanced threat prevention to name a few. For more details on how OnDemand is built with security by design, please review our OnDemand Security White Paper.

Compliance

Regulatory requirements continue to evolve requiring businesses to meet a multitude of controls related to privacy and data integrity. These requirements are complex and vary based on region, industry, and the nature of the data involved. Duck Creek reviews regulatory requirements applicable to Duck Creek as a SaaS provider in the IT services industry to assist our Customers to achieve their compliance requirements.

Duck Creek OnDemand offerings are ISO 27001 compliant, and we conduct annual SOC 1 Type II and SOC 2 Type II independent audits. Additionally, we perform annual risk assessments and internal audit. Duck Creek understands the importance of providing our customers with a robust information security program that provides market standard options expected from an important third-party SaaS provider.

Resources
Learn More

If you are an existing Duck Creek customer or partner, please visit the Solution Center to download these documents. Otherwise, please contact information.security@duckcreek.com to request a copy.

OnDemand Security White Paper
Learn more
ISO 27001 Certification
Learn more
SOC 1 Type II Report
Learn more
SOC 2 Type II Report
Learn more
PCI-DSS SAQ-D SP
Learn more
Duck Creek DORA Whitepaper
Learn more

How can Duck Creek Help You?

Modernize your operations, unlock AI-powered insights, and deliver better outcomes—at your pace.

Select your locations and language
Select Your Language
Locations
Boston, Massachusetts (HQ)
100 Summer St 8th Floor Suite #801
Boston, MA 02110
(833) 798 7789
Columbia Office
1441 Main St #400
Columbia, SC 29201
Bolivar, Missouri
1807 W Jones St
Boston, MO