Top 6 Immigration Software Security Questions to Nail in an RFP
- Will your case management system encrypt PII information both in transit and at rest? Is the information contained in employee files encrypted at the database level to further protect it from unauthorized access?
2. Data Center Security Certification
- Do the data center locations have SAS 70 Type II certification? Is this documented and can it be provided upon request?
3. Intrusion Prevention Systems
- Does the case management system employ intrusion prevention systems? Are these tested on a regular basis?
4. Documented Security Programs
- Does the case management system have documented security policies and programs in place including the regular education and testing of software vendor staff on security practices?
5. Disaster Recover and Cyber Insurance policies
- Does the case management system have a documented disaster recovery plan and appropriate cyber Insurance policies in place?
6. Secure Communication Systems
- Does the system provide a secure method of communicating with employees that does not rely on e-mail? (To protect against the sharing of sensitive client information via e-mail).
While it’s tempting to just say “yes” to all of these questions, a sophisticated client will want more in terms of details, documents, and even security references. To answer these properly and confidently, you need a case management partner with the deep investment in security infrastructure, expertise in security measures and experience in working with corporate client Security Auditors. This combination of attributes is a phone call away if you are using the EDGE system by LawLogix. Assistance with RFPs and written or phone security audits are part of our daily service to law firm clients. If you are preparing for an upcoming RFP or you have received a security audit questionnaire from one of your existing or prospective clients, make sure you reach out to your EDGE contact for assistance. At LawLogix, your success is our number one priority!