Data and Security Best Practices at Litify
Data and Security Best Practices at Litify
Everyday legal teams handle confidential materials ranging from medical documents to contracts, so it’s understandable that security is top-of-mind when searching for a legal operating platform. To ensure the security of not only your information but also your client’s information, Litify’s security measures were recently audited by Secure Being. In addition, Litify has received SOC 2 Type I and Type II attestation reports.
Litify: Built on two trusted cloud platforms
The Litify platform is built on two of the most widely used and trusted cloud platforms: Salesforce and Amazon Web Services (AWS). The foundation of Litify is built and maintained through Salesforce, while AWS is the substructure for some of the platform’s key assets, such as Docrio, Litify’s very own document management system.
Salesforce and AWS allow Litify exclusive flexibility and customization while also implementing substantial security measures that are used by major companies across the globe.
Major corporations rely on Salesforce’s data security measures, including NASA, the Department of Defense, and nearly all Fortune 500 companies. That’s because Salesforce is committed to privacy and cybersecurity as well as to ensuring the platform is available 24 hours a day, seven days a week — and has proven reliability 99.9+% uptime record for years.
Litify & Salesforce Data Security
All of Litify’s customer data is stored within Salesforce data centers that are maintained through secure servers and are only accessible to authorized administrators. Litify is not an authorized administrator and does not have access to these databases.
Innately, the Salesforce platform presents extensive measures when it comes to being able to access client data, such as multi-factor authentication and encryption, along with specific user-level permissions.
The Litify Support team may request Login Access to your database if login is needed to resolve an issue rooted in a customer inquiry. This includes needing to troubleshoot, replicate, or upgrade. For Litify Support to gain access, customers must follow the “Grant Litify Support Team Access” process to assure Litify Support may log in to your database with clear permission and authentication.
Most importantly, third parties are not allowed to access customer information within Litify. This includes all Litify employees, investors, shareholders, and board members.
Litify & AWS Data Security
Litify manages the storage of documents on Amazon Web Services (AWS). AWS is secured using multi-factor authentication as well as regulated monitoring and alerts. Our engineering team is constantly running security evaluations to ensure protection on our document management platform, Docrio, which is hosted on AWS.
Access to AWS is restricted to certain personnel internally and externally to the customer’s organization. Litify employees do not have access to any of our customer’s document databases managed through AWS unless we are granted access following a strict approval process. For more information on AWS security, please visit the AWS Data Center website.
Read more from our security audit by Secure Being.
Litify & SOC 2 data security
Developed by the AICPA, SOC 2 is an extensive auditing procedure that ensures a company is handling customer data securely and in a manner that protects the organization as well as the privacy of its customers. SOC 2 is designed for service providers who store customer data in the cloud. This rigorous, independent assessment of Litify’s internal security controls serves as validation of our dedication and adherence to the highest standards for security, confidentiality, privacy, and processing integrity.
Litify has successfully completed SOC 2 Type I and Type II audits, both performed by Sensiba San Filippo, LLP (SSF). A SOC 2 Type I report describes a service organization’s systems and whether the design of specified controls meets the relevant trust services categories at a point in time. The SOC 2 Type II report describes a service organization’s systems and whether the design of specified controls meets the relevant trust services categories and assesses the effectiveness of those controls over a specified period of time. Litify received reports for both of these certifications.
The Litify team works tirelessly to ensure all our customer data is 100% secure and unbreachable. To learn more about our security measures and how we can protect your firm’s data, request a demo below.