Industry Leader in Data Security
At LawLogix, we believe in adhering to only the strictest of security standards. Unlike other vendors in this space, LawLogix owns ALL the hardware related to our private cloud environment to provide genuine data segregation and security that far exceeds industry regulations.
In our rigorous attempts to ensure the highest level of system security, we contracted with a security expert, SecureWorks, to conduct a $50,000 evaluation of our security practices. This was not just a quick PEN Test performed with free software, but a combination of automated and manual penetration testing, web application testing, network configuration analysis, and a social engineering exercise. The successful completion of these evaluations confirmed our multi-layered approach to security is best in class.
Protection from Data Loss
Unlike most vendors, LawLogix owns and utilizes distributed SAN (Storage Area Network) technology. While upfront costs are high, experts agree that using a SAN is the best defense to catastrophes because it provides superior protection against data loss in a disaster event. Applications running traditional servers may fail through data corruption caused by the server disks, but the storage arrays in a SAN use superior algorithms to make sure your data will always stay consistent.
Continuous Up-time and Service
LawLogix uses Certified SSAE 16 SOC 1 Type 2 Facilities to ensure privacy and continuous up time and service. LawLogix cyber-threat resistant multiple UNIX server clusters are hosted at CyberTrails, a Tier 1 co-location facility located in seismically neutral, non-flood, non-fire risk zone with the primary facility located in Phoenix, Arizona.
Access to the facility is controlled by biometric authentication, swipe card validation, sign-in logs and 24-hour video monitoring.
Highest Level of Data Encryption
All client Personal Identifiable Information (i.e. Social Security number, date of birth, etc.) is encrypted ‘at rest’ with the highest level of security allowed by U.S. law, currently 128-bit AES.
All communications (i.e. in transit) between clients and our servers are encrypted with VeriSign Class 3 256-bit Encryption utilizing SSLv3/TLSv1.
Intrusion Detection/Prevention System
A Tipping Point IDS/IPS is used to scan the network and prevent malicious attacks. State monitoring occurs every 20 seconds, 10 seconds for HA Failover, throughout the IDS/IPS to ensure all systems are running at optimal performance.
LawLogix utilizes McAfee Secure® to conduct enterprise level vulnerability scanning and daily penetration testing. Any vulnerabilities detected by McAfee are immediately tested in our Development environment before deploying to the production environment.
LawLogix employs a typical SaaS architecture with a front-end web server, an application server, a reports server and a database server. All of these components reside behind dual redundant 3Com X-5 firewalls with 24/7 live intrusion monitoring and prevention.