SlideShare una empresa de Scribd logo

Law Firm Security and Data Redundancy

MyCase Legal Case and Practice Management Software
MyCase Legal Case and Practice Management Software

Here at MyCase, we understand that you have an ethical obligation to maintain confidentiality. That’s why keeping our customers’ data secure is one of our top priorities. Managing privileged case information for thousands of attorneys (and their clients) is a responsibility that we take very seriously. We understand that some lawyers may be nervous about moving their data into the cloud. You undoubtedly have lots of questions about the steps we take to ensure that your law firm’s data is safe and secure. What steps are being taken to protect my data? Does the company understand the unique concerns of lawyers? What will happen to my firm’s data in the event of a natural disaster? How financially stable is the company that will be hosting my law firm’s data? In this whitepaper, we will answer all of those questions and provide an overview of how we ensure the security of your law firm’s data, in part by providing redundant data storage and backup. Our goal is to put your mind at ease by sharing our security procedures, which are relied upon by thousands of attorneys just like you trust who MyCase to help them manage their law firms.

Derecho
1 de 8
Descargar para leer sin conexión
Law Firm Security and Data Redundancy Law Firm Security and Data Redundancy
Cloud computing may be a new concept to you, but rest assured, even if you’re not familiar with what cloud computing is, you’re probably already using it in your law practice. The concept of cloud computing is simple: when you store documents online, whether in MyCase, as web-based email attachments, or via a stand- alone online storage solution, you’re storing them “in the cloud.” In other words, your law firm’s digital data is in the cloud when it’s being stored on servers owned and maintained by a third party rather than your law firm. What is Cloud Computing?2. Here at MyCase, we understand that you have an ethical obligation to maintain confidentiality. That’s why keeping our customers’ data secure is one of our top priorities. Managing privileged case information for thousands of attorneys (and their clients) is a responsibility that we take very seriously. We understand that some lawyers may be nervous about moving their data into the cloud. You undoubtedly have lots of questions about the steps we take to ensure that your law firm’s data is safe and secure. What steps are being taken to protect my data? Does the company understand the unique concerns of lawyers? What will happen to my firm’s data in the event of a natural disaster? How financially stable is the company that will be hosting my law firm’s data? In this whitepaper, we will answer all of those questions and provide an overview of how we ensure the security of your law firm’s data, in part by providing redundant data storage and backup. Our goal is to put your mind at ease by sharing our security procedures, which are relied upon by thousands of attorneys just like you trust who MyCase to help them manage their law firms. At MyCase, Security is Our Top Priority1. What is Cloud Computing? 1 A Brief Overview of MyCase’s Security Policies 2 Steps You Can Take to Protect Your Firm’s Data 6 TABLE OF CONTENTS MyCase Legal Practice Management Software: Law Firm Security and Data Redundancy 1
Amazon’s Cloud Computing Platform MyCase runs on Amazon Web Services’ EC2 cloud computing platform. We chose Amazon’s EC2 cloud servers because Amazon has over a decade of experience managing cloud servers across 16 different geographical regions across the United States for some the biggest companies in business today. Because of the breadth of Amazon’s experience providing cloud computing services, you know you can trust them to be at the leading edge of online service technology. Amazon has strict procedures in place, which protect the physical security of their servers and safeguard the integrity of their data. Amazon’s data centers and network architecture are built to meet the requirements of the most security-sensitive organizations. A Brief Overview of MyCase’s Security Procedures2. So, if you’ve ever used Westlaw, Google Drive, or Dropbox, you’ve used cloud computing. Your online bank account and every bill you pay online are also managed in the cloud. If you’ve ever used any of these online tools, you’re probably already well aware of the many benefits gained by using cloud computing. For starters, costly solutions like in-house IT departments, expensive servers, and up-front infrastructure costs are avoided when you leverage cloud computing. Another benefit of cloud computing is the convenience and mobility it offers lawyers. The ability to access your law firm’s case files 24/7, from any location, using any Internet-enabled device is an incredible convenience. But there’s more to cloud computing than simply IT savings and mobility; the security it provides your law firm is likewise immeasurable as well. You can learn more about Amazon’s cloud infrastructure and security at: http://aws.amazon.com/security/. In addition to Amazon’s security standards, our network traffic is isolated from other AWS customers via Virtual Private Cloud (VPC) dedicated to MyCase customers only. We communicate with our database using a secure connection and aggressively protect access to our servers with firewalls. MyCase Legal Practice Management Software: Law Firm Security and Data Redundancy 2
For added peace of mind, view our real-time SSL Labs test times and grade: https://www.ssllabs.com/ssltest/analyze.html?d=www.mycase.com&hideResults=on State of the Art Encryption When you connect to our servers, your data is encrypted before transmission using 256-bit SSL connection. If the user’s internet browser does not support full 256-bit encryption, the connection degrades to 128- bit, but by default your data is protected with the highest, state-of-the-art encryption available. Our cipher suites also support Perfect Forward Secrecy (PFS) which prevents backward decryption of stored data should keys be compromised in the future. This is the same type of secure connection you use when using online banking, investments, healthcare portals, etc. Encrypting your transmission ensures that nobody can intercept your data along the way, and verifies it is truly you who is connected to our servers and not an impostor. MyCase was founded by an attorney and designed from the ground up with the unique security needs of attorneys in mind. MyCase is backed by our parent company AppFolio, Inc (NASDAQ: APPF), a leader in cloud-based software for different business verticals. That means that as a MyCase customer, the company you trust to manage your law firm data has the additional resources and support of a publicly traded company specializing in SaaS (Software as a Service) technologies. This experience ensures that we’ve built a secure online platform for lawyers that you can trust. This isn’t the first time we’ve been down this road; we’ve seen and learned a lot along the way. We’re constantly monitoring the latest security threats, and evolving and adapting our service to address any issues that may arise. Experience Counts When it comes to protecting data for your law firm — experience counts. Our in-house security team performs internal security audits on a regular basis to ensure our system is secure and your information is protected. We run static analysis tools on our code regularly, and we automatically scan lists of known vulnerabilities (CVEs) for references to the software on which we depend. MyCase Legal Practice Management Software: Law Firm Security and Data Redundancy 3
When you give your clients access to your firm’s MyCase Client Portal, they are granted access only to the appointments, documents, and invoices you explicitly share with them and access can be changed at any time. By default, any contacts you add to MyCase are enabled for the MyCase Client Portal since the client portal is a built-in security tool designed for your law firm. It allows you to communicate and share items with your client in a much more secure way than traditional email. By giving your clients their own username and password, they are able to have peace of mind as well knowing their case information and documents are protected within MyCase and are only accessible by people who have permission to do so. In addition to the security steps Amazon and MyCase take on the server side, there are also a number of features built into MyCase that will help keep your firm’s data protected. For example, MyCase will automatically log users out during times of inactivity or when the account has been accessed on another machine. MyCase stores passwords using the latest top security recommendation. We add per-user random information (salts) to passwords, before hashing them with bcrypt, an algorithm designed to be resistant to brute-force attacks. In fact, MyCase only allows a certain type of password (called a “salted, bcrypted password”), which helps resist brute-force attacks and provides that added protection. You also have many different permission settings and access controls in MyCase that give you further protection. Permission settings allow you to control what each user can access within MyCase, including staff, co-counsel, and clients. Protection in MyCase3. MyCase Legal Practice Management Software: Law Firm Security and Data Redundancy 4
Two-Factor Authentication MyCase offers Two-Factor Authentication via Google Authenticator, giving you an additional level of law firm security in the cloud. Two-Factor Authentication (or 2FA) is a security feature that makes it extremely difficult for unauthorized users to access your account. In the event that your username and password are compromised, 2FA would still prevent someone from gaining access to your confidential data. Logging into a web-based software system that does not implement 2FA is a simple, one-step process. All the user has to do is enter the correct username and password, at which point the entire database of sensitive client information is made available. Logging into a 2FA system, however, requires an additional login step. After users input correct username and password combination, they are not immediately logged into the system. They are instead taken to a second login screen which prompts them to enter a temporary verification code that is a Time-Based One- Time Password with a 10-byte secret key generated by a CSPRNG. The first time setting up 2FA in MyCase you’ll need to go to Settings>My Profile>Two-Factor Authentication and follow three steps, starting with downloading Google Authenticator on your iPhone, Android, or Blackberry device. As web-based portals become increasingly common in other industries, it’s not surprising that many legal clients now expect instant access to case-related information. Practice management software with built- in, secure web portals can improve client communication by providing them with 24/7, convenient, and secure access to their case information. MyCase Legal Practice Management Software: Law Firm Security and Data Redundancy 5
Hopefully this guide has addressed any concerns you may have had about data security and cloud computing, but the truth is no matter how many steps companies can take to secure your data (whether it’s Amazon or even your local Internet Service Provider), the most common cause of data loss is caused by the human element. That’s why it’s important that you take steps to secure your account (in addition to setting up 2FA): • Use a strong password (MyCase will even tell you how strong your password is). • Don’t use the same password for MyCase that you use for other websites. • Use at least 10 characters and include a special character, number, and at least 1 capital letter. • Don’t give your MyCase password to anyone else, and change it frequently. • Make sure that other people can’t access your e-mail — otherwise they could reset your MyCase password and gain access to your account. Should you ever feel that your account has been compromised, contact us right away! We can freeze access to your firm’s account, immediately locking out all users until we can ensure that everything is secure. Still don’t believe us? See what your peers have to say about how MyCase’s security provides peace of mind and is helping to transform their law practice. We understand how important security is to your law firm. That’s why multiple security features are built into MyCase. Our goal is to ensure that MyCase is reliable and that your law firm data is protected and secure; that way you aren’t distracted by IT concerns and can focus on doing what you do best: practicing law. What You Can Do to Protect Your Data4. MyCase Legal Practice Management Software: Law Firm Security and Data Redundancy 6
Get a Personalized Walkthrough of MyCase. Get Your One-On-One Demo No credit card required ABOUT MYCASE MyCase, a subsidiary of AppFolio, is an affordable, intuitive and powerful practice management software designed for the modern law firm. Easily organize your firm with a complete solution—contacts, calendars, cases, documents, time tracking, and billing. Reap the time-saving benefits of MyCase’s integrated client portal so everyone stays informed and connected. Learn more at www.MyCase.com. MyCase Legal Practice Management Software: Law Firm Security and Data Redundancy 7

Recomendados

Data Redundancy & Update Anomalies
Data Redundancy & Update AnomaliesData Redundancy & Update Anomalies
Data Redundancy & Update AnomaliesJens Patel
 
(Webinar slides) Your client posted What!!? Top Social Media Concerns for Law...
(Webinar slides) Your client posted What!!? Top Social Media Concerns for Law...(Webinar slides) Your client posted What!!? Top Social Media Concerns for Law...
(Webinar slides) Your client posted What!!? Top Social Media Concerns for Law...MyCase Legal Case and Practice Management Software
 
Kittys network power point
Kittys network power pointKittys network power point
Kittys network power pointkjowellmchughcpps2016
 
A Monitor System in Data Redundancy in Information System
A Monitor System in Data Redundancy in Information SystemA Monitor System in Data Redundancy in Information System
A Monitor System in Data Redundancy in Information Systemijsrd.com
 
Transitioning to the Cloud: Implications for Reliability, Redundancy & Recove...
Transitioning to the Cloud: Implications for Reliability, Redundancy & Recove...Transitioning to the Cloud: Implications for Reliability, Redundancy & Recove...
Transitioning to the Cloud: Implications for Reliability, Redundancy & Recove...RightScale
 
Microsoft Azure
Microsoft AzureMicrosoft Azure
Microsoft AzurePRAGMA PROGETTI
 
[Infographic] Criminal Offense Statistics and Caseloads in 2015
[Infographic] Criminal Offense Statistics and Caseloads in 2015[Infographic] Criminal Offense Statistics and Caseloads in 2015
[Infographic] Criminal Offense Statistics and Caseloads in 2015MyCase Legal Case and Practice Management Software
 
Dangerous Dogs Laws: Barking up the wrong tree?
Dangerous Dogs Laws: Barking up the wrong tree?Dangerous Dogs Laws: Barking up the wrong tree?
Dangerous Dogs Laws: Barking up the wrong tree?Jill Dickinson
 

Recomendados

Data Redundancy & Update Anomalies
Data Redundancy & Update AnomaliesData Redundancy & Update Anomalies
Data Redundancy & Update AnomaliesJens Patel
 
(Webinar slides) Your client posted What!!? Top Social Media Concerns for Law...
(Webinar slides) Your client posted What!!? Top Social Media Concerns for Law...(Webinar slides) Your client posted What!!? Top Social Media Concerns for Law...
(Webinar slides) Your client posted What!!? Top Social Media Concerns for Law...MyCase Legal Case and Practice Management Software
 
Kittys network power point
Kittys network power pointKittys network power point
Kittys network power pointkjowellmchughcpps2016
 
A Monitor System in Data Redundancy in Information System
A Monitor System in Data Redundancy in Information SystemA Monitor System in Data Redundancy in Information System
A Monitor System in Data Redundancy in Information Systemijsrd.com
 
Transitioning to the Cloud: Implications for Reliability, Redundancy & Recove...
Transitioning to the Cloud: Implications for Reliability, Redundancy & Recove...Transitioning to the Cloud: Implications for Reliability, Redundancy & Recove...
Transitioning to the Cloud: Implications for Reliability, Redundancy & Recove...RightScale
 
Microsoft Azure
Microsoft AzureMicrosoft Azure
Microsoft AzurePRAGMA PROGETTI
 
[Infographic] Criminal Offense Statistics and Caseloads in 2015
[Infographic] Criminal Offense Statistics and Caseloads in 2015[Infographic] Criminal Offense Statistics and Caseloads in 2015
[Infographic] Criminal Offense Statistics and Caseloads in 2015MyCase Legal Case and Practice Management Software
 
Dangerous Dogs Laws: Barking up the wrong tree?
Dangerous Dogs Laws: Barking up the wrong tree?Dangerous Dogs Laws: Barking up the wrong tree?
Dangerous Dogs Laws: Barking up the wrong tree?Jill Dickinson
 
Accenture SaaS Financial Applications
Accenture SaaS Financial ApplicationsAccenture SaaS Financial Applications
Accenture SaaS Financial ApplicationsDave Kellogg
 
Redundancy
RedundancyRedundancy
RedundancyDr.Manishankar Chakraborty
 
NORMALIZATION - BIS 1204: Data and Information Management I
NORMALIZATION - BIS 1204: Data and Information Management I NORMALIZATION - BIS 1204: Data and Information Management I
NORMALIZATION - BIS 1204: Data and Information Management I Mukalele Rogers
 
Microsoft Offical Course 20410C_01
Microsoft Offical Course 20410C_01Microsoft Offical Course 20410C_01
Microsoft Offical Course 20410C_01gameaxt
 
Microsoft Azure & Hybrid Cloud
Microsoft Azure & Hybrid CloudMicrosoft Azure & Hybrid Cloud
Microsoft Azure & Hybrid CloudAidan Finn
 
Creation of cloud application using microsoft azure by vaishali sahare [katkar]
Creation of cloud application using microsoft azure by vaishali sahare [katkar]Creation of cloud application using microsoft azure by vaishali sahare [katkar]
Creation of cloud application using microsoft azure by vaishali sahare [katkar]vaishalisahare123
 
(Webinar Slides) What Can Law Practice Management Software Do For You?
(Webinar Slides) What Can Law Practice Management Software Do For You?(Webinar Slides) What Can Law Practice Management Software Do For You?
(Webinar Slides) What Can Law Practice Management Software Do For You?MyCase Legal Case and Practice Management Software
 
Network Topology
Network TopologyNetwork Topology
Network TopologyShino Ramanatt
 
Network topology
Network topologyNetwork topology
Network topologylekshmik
 
Cloud application architecture with sql azure and windows azure
Cloud application architecture with sql azure and windows azureCloud application architecture with sql azure and windows azure
Cloud application architecture with sql azure and windows azureEduardo Castro
 
Topology presentation
Topology presentationTopology presentation
Topology presentationJobaida Nahar
 
Data base management system
Data base management systemData base management system
Data base management systemNavneet Jingar
 
Database management system
Database management systemDatabase management system
Database management systemRizwanHafeez
 
Data Base Management System
Data Base Management SystemData Base Management System
Data Base Management SystemDr. C.V. Suresh Babu
 
Network topologies
Network topologiesNetwork topologies
Network topologiesNorah Saad
 
The New World of As a Service
The New World of As a ServiceThe New World of As a Service
The New World of As a Serviceaccenture
 
MyCase Webinar: Safeguard Your Law Firm Against Future Disruption
MyCase Webinar: Safeguard Your Law Firm Against Future DisruptionMyCase Webinar: Safeguard Your Law Firm Against Future Disruption
MyCase Webinar: Safeguard Your Law Firm Against Future DisruptionMyCase Legal Case and Practice Management Software
 
5 Ways to Stay Productive Through COVID-19 (And Beyond)
5 Ways to Stay Productive Through COVID-19 (And Beyond)5 Ways to Stay Productive Through COVID-19 (And Beyond)
5 Ways to Stay Productive Through COVID-19 (And Beyond)MyCase Legal Case and Practice Management Software
 
How 3 Established Law Firms Are Handling COVID-19
How 3 Established Law Firms Are Handling COVID-19How 3 Established Law Firms Are Handling COVID-19
How 3 Established Law Firms Are Handling COVID-19MyCase Legal Case and Practice Management Software
 
MyCase Webinar: How to Run a Law Firm Remotely During COVID-19
MyCase Webinar: How to Run a Law Firm Remotely During COVID-19MyCase Webinar: How to Run a Law Firm Remotely During COVID-19
MyCase Webinar: How to Run a Law Firm Remotely During COVID-19MyCase Legal Case and Practice Management Software
 
Take Control of Your Financial Performance
Take Control of Your Financial PerformanceTake Control of Your Financial Performance
Take Control of Your Financial PerformanceMyCase Legal Case and Practice Management Software
 
Scope creep: How Financial Management is Essential for Law Firm Profitability
Scope creep: How Financial Management is Essential for Law Firm ProfitabilityScope creep: How Financial Management is Essential for Law Firm Profitability
Scope creep: How Financial Management is Essential for Law Firm ProfitabilityMyCase Legal Case and Practice Management Software
 

Más contenido relacionado

Destacado

Accenture SaaS Financial Applications
Accenture SaaS Financial ApplicationsAccenture SaaS Financial Applications
Accenture SaaS Financial ApplicationsDave Kellogg
 
NORMALIZATION - BIS 1204: Data and Information Management I
NORMALIZATION - BIS 1204: Data and Information Management I NORMALIZATION - BIS 1204: Data and Information Management I
NORMALIZATION - BIS 1204: Data and Information Management I Mukalele Rogers
 
Microsoft Offical Course 20410C_01
Microsoft Offical Course 20410C_01Microsoft Offical Course 20410C_01
Microsoft Offical Course 20410C_01gameaxt
 
Microsoft Azure & Hybrid Cloud
Microsoft Azure & Hybrid CloudMicrosoft Azure & Hybrid Cloud
Microsoft Azure & Hybrid CloudAidan Finn
 
Creation of cloud application using microsoft azure by vaishali sahare [katkar]
Creation of cloud application using microsoft azure by vaishali sahare [katkar]Creation of cloud application using microsoft azure by vaishali sahare [katkar]
Creation of cloud application using microsoft azure by vaishali sahare [katkar]vaishalisahare123
 
Network topology
Network topologyNetwork topology
Network topologylekshmik
 
Cloud application architecture with sql azure and windows azure
Cloud application architecture with sql azure and windows azureCloud application architecture with sql azure and windows azure
Cloud application architecture with sql azure and windows azureEduardo Castro
 
Topology presentation
Topology presentationTopology presentation
Topology presentationJobaida Nahar
 
Data base management system
Data base management systemData base management system
Data base management systemNavneet Jingar
 
Database management system
Database management systemDatabase management system
Database management systemRizwanHafeez
 
Network topologies
Network topologiesNetwork topologies
Network topologiesNorah Saad
 
The New World of As a Service
The New World of As a ServiceThe New World of As a Service
The New World of As a Serviceaccenture
 

Destacado (16)

Accenture SaaS Financial Applications
Accenture SaaS Financial ApplicationsAccenture SaaS Financial Applications
Accenture SaaS Financial Applications
 
Redundancy
RedundancyRedundancy
Redundancy
 
NORMALIZATION - BIS 1204: Data and Information Management I
NORMALIZATION - BIS 1204: Data and Information Management I NORMALIZATION - BIS 1204: Data and Information Management I
NORMALIZATION - BIS 1204: Data and Information Management I
 
Microsoft Offical Course 20410C_01
Microsoft Offical Course 20410C_01Microsoft Offical Course 20410C_01
Microsoft Offical Course 20410C_01
 
Microsoft Azure & Hybrid Cloud
Microsoft Azure & Hybrid CloudMicrosoft Azure & Hybrid Cloud
Microsoft Azure & Hybrid Cloud
 
Creation of cloud application using microsoft azure by vaishali sahare [katkar]
Creation of cloud application using microsoft azure by vaishali sahare [katkar]Creation of cloud application using microsoft azure by vaishali sahare [katkar]
Creation of cloud application using microsoft azure by vaishali sahare [katkar]
 
(Webinar Slides) What Can Law Practice Management Software Do For You?
(Webinar Slides) What Can Law Practice Management Software Do For You?(Webinar Slides) What Can Law Practice Management Software Do For You?
(Webinar Slides) What Can Law Practice Management Software Do For You?
 
Network Topology
Network TopologyNetwork Topology
Network Topology
 
Network topology
Network topologyNetwork topology
Network topology
 
Cloud application architecture with sql azure and windows azure
Cloud application architecture with sql azure and windows azureCloud application architecture with sql azure and windows azure
Cloud application architecture with sql azure and windows azure
 
Topology presentation
Topology presentationTopology presentation
Topology presentation
 
Data base management system
Data base management systemData base management system
Data base management system
 
Database management system
Database management systemDatabase management system
Database management system
 
Data Base Management System
Data Base Management SystemData Base Management System
Data Base Management System
 
Network topologies
Network topologiesNetwork topologies
Network topologies
 
The New World of As a Service
The New World of As a ServiceThe New World of As a Service
The New World of As a Service
 

Más de MyCase Legal Case and Practice Management Software

Más de MyCase Legal Case and Practice Management Software (20)

MyCase Webinar: Safeguard Your Law Firm Against Future Disruption
MyCase Webinar: Safeguard Your Law Firm Against Future DisruptionMyCase Webinar: Safeguard Your Law Firm Against Future Disruption
MyCase Webinar: Safeguard Your Law Firm Against Future Disruption
 
5 Ways to Stay Productive Through COVID-19 (And Beyond)
5 Ways to Stay Productive Through COVID-19 (And Beyond)5 Ways to Stay Productive Through COVID-19 (And Beyond)
5 Ways to Stay Productive Through COVID-19 (And Beyond)
 
How 3 Established Law Firms Are Handling COVID-19
How 3 Established Law Firms Are Handling COVID-19How 3 Established Law Firms Are Handling COVID-19
How 3 Established Law Firms Are Handling COVID-19
 
MyCase Webinar: How to Run a Law Firm Remotely During COVID-19
MyCase Webinar: How to Run a Law Firm Remotely During COVID-19MyCase Webinar: How to Run a Law Firm Remotely During COVID-19
MyCase Webinar: How to Run a Law Firm Remotely During COVID-19
 
Take Control of Your Financial Performance
Take Control of Your Financial PerformanceTake Control of Your Financial Performance
Take Control of Your Financial Performance
 
Scope creep: How Financial Management is Essential for Law Firm Profitability
Scope creep: How Financial Management is Essential for Law Firm ProfitabilityScope creep: How Financial Management is Essential for Law Firm Profitability
Scope creep: How Financial Management is Essential for Law Firm Profitability
 
Grow Your Caseload with Lead Tracking
Grow Your Caseload with Lead TrackingGrow Your Caseload with Lead Tracking
Grow Your Caseload with Lead Tracking
 
Everything You Wanted to Know About Outsourcing
Everything You Wanted to Know About OutsourcingEverything You Wanted to Know About Outsourcing
Everything You Wanted to Know About Outsourcing
 
Ensure You Capture All Billable Time
Ensure You Capture All Billable TimeEnsure You Capture All Billable Time
Ensure You Capture All Billable Time
 
6 Effective Ways to Evaluate Your On-Premise Law Software
6 Effective Ways to Evaluate Your On-Premise Law Software6 Effective Ways to Evaluate Your On-Premise Law Software
6 Effective Ways to Evaluate Your On-Premise Law Software
 
Rebuild Your Law Firm Processes with Practice Management Software
Rebuild Your Law Firm Processes with Practice Management SoftwareRebuild Your Law Firm Processes with Practice Management Software
Rebuild Your Law Firm Processes with Practice Management Software
 
Tips for Automating Your Practice
Tips for Automating Your PracticeTips for Automating Your Practice
Tips for Automating Your Practice
 
Ethics of Social Media Marketing
Ethics of Social Media MarketingEthics of Social Media Marketing
Ethics of Social Media Marketing
 
Turning More Traffic Into Fees
Turning More Traffic Into FeesTurning More Traffic Into Fees
Turning More Traffic Into Fees
 
LinkedIn, There's Something Different About You
LinkedIn, There's Something Different About YouLinkedIn, There's Something Different About You
LinkedIn, There's Something Different About You
 
Practicing at the Top of Your Law Game
Practicing at the Top of Your Law GamePracticing at the Top of Your Law Game
Practicing at the Top of Your Law Game
 
Fixed Fees - Ditching the Billable Hour
Fixed Fees - Ditching the Billable HourFixed Fees - Ditching the Billable Hour
Fixed Fees - Ditching the Billable Hour
 
When to Move Your Practice to the Cloud
When to Move Your Practice to the CloudWhen to Move Your Practice to the Cloud
When to Move Your Practice to the Cloud
 
(Webinar Slides) Build the Perfect Rainmaking Plan: Make 2018 YOUR Year!"
(Webinar Slides) Build the Perfect Rainmaking Plan: Make 2018 YOUR Year!" (Webinar Slides) Build the Perfect Rainmaking Plan: Make 2018 YOUR Year!"
(Webinar Slides) Build the Perfect Rainmaking Plan: Make 2018 YOUR Year!"
 
(Webinar slides) Simple Lessons to Improve Your Law Practice and Your Life
(Webinar slides) Simple Lessons to Improve Your Law Practice and Your Life(Webinar slides) Simple Lessons to Improve Your Law Practice and Your Life
(Webinar slides) Simple Lessons to Improve Your Law Practice and Your Life
 

Último

Labour legislations in India and its history
Labour legislations in India and its historyLabour legislations in India and its history
Labour legislations in India and its historyprasannamurthy6
 
citizenship in the Philippines as to the laws applicable
citizenship in the Philippines as to the laws applicablecitizenship in the Philippines as to the laws applicable
citizenship in the Philippines as to the laws applicableSaraSantiago44
 
Analysis on Law of Domicile under Private International laws.
Analysis on Law of Domicile under Private International laws.Analysis on Law of Domicile under Private International laws.
Analysis on Law of Domicile under Private International laws.2020000445musaib
 
Understanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
Understanding Cyber Crime Litigation: Key Concepts and Legal FrameworksUnderstanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
Understanding Cyber Crime Litigation: Key Concepts and Legal FrameworksFinlaw Associates
 
Town of Haverhill's Summary Judgment Motion for Declaratory Judgment Case
Town of Haverhill's Summary Judgment Motion for Declaratory Judgment CaseTown of Haverhill's Summary Judgment Motion for Declaratory Judgment Case
Town of Haverhill's Summary Judgment Motion for Declaratory Judgment CaseRich Bergeron
 
OMassmann - Investment into the grid and transmission system in Vietnam (2024...
OMassmann - Investment into the grid and transmission system in Vietnam (2024...OMassmann - Investment into the grid and transmission system in Vietnam (2024...
OMassmann - Investment into the grid and transmission system in Vietnam (2024...Dr. Oliver Massmann
 
Hungarian legislation made by Robert Miklos
Hungarian legislation made by Robert MiklosHungarian legislation made by Robert Miklos
Hungarian legislation made by Robert Miklosbeduinpower135
 
PPT Template - Federal Law Enforcement Training Center
PPT Template - Federal Law Enforcement Training CenterPPT Template - Federal Law Enforcement Training Center
PPT Template - Federal Law Enforcement Training Centerejlfernandez22
 
RA. 7432 and RA 9994 Senior Citizen .pptx
RA. 7432 and RA 9994 Senior Citizen .pptxRA. 7432 and RA 9994 Senior Citizen .pptx
RA. 7432 and RA 9994 Senior Citizen .pptxJFSB1
 
Choosing the Right Business Structure for Your Small Business in Texas
Choosing the Right Business Structure for Your Small Business in TexasChoosing the Right Business Structure for Your Small Business in Texas
Choosing the Right Business Structure for Your Small Business in TexasBrandy Austin
 
Town of Haverhill's Motion for Summary Judgment on DTC Counterclaims
Town of Haverhill's Motion for Summary Judgment on DTC CounterclaimsTown of Haverhill's Motion for Summary Judgment on DTC Counterclaims
Town of Haverhill's Motion for Summary Judgment on DTC CounterclaimsRich Bergeron
 
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los AngelesAre There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los AngelesChesley Lawyer
 
Town of Haverhill's Statement of Material Facts For Declaratory Judgment Moti...
Town of Haverhill's Statement of Material Facts For Declaratory Judgment Moti...Town of Haverhill's Statement of Material Facts For Declaratory Judgment Moti...
Town of Haverhill's Statement of Material Facts For Declaratory Judgment Moti...Rich Bergeron
 
The Punjab Land Reforms AcT 1972 HIRDEBIR.pptx
The Punjab Land Reforms AcT 1972 HIRDEBIR.pptxThe Punjab Land Reforms AcT 1972 HIRDEBIR.pptx
The Punjab Land Reforms AcT 1972 HIRDEBIR.pptxgurcharnsinghlecengl
 
ENG7-Q4-MOD3. determine the worth of ideas mentioned in the text listened to
ENG7-Q4-MOD3. determine the worth of ideas mentioned in the text listened toENG7-Q4-MOD3. determine the worth of ideas mentioned in the text listened to
ENG7-Q4-MOD3. determine the worth of ideas mentioned in the text listened toirenelavilla52178
 
Town of Haverhill's Statement of Facts for Summary Judgment on Counterclaims ...
Town of Haverhill's Statement of Facts for Summary Judgment on Counterclaims ...Town of Haverhill's Statement of Facts for Summary Judgment on Counterclaims ...
Town of Haverhill's Statement of Facts for Summary Judgment on Counterclaims ...Rich Bergeron
 
Guide for Drug Education and Vice Control.docx
Guide for Drug Education and Vice Control.docxGuide for Drug Education and Vice Control.docx
Guide for Drug Education and Vice Control.docxjennysansano2
 
Illinois Department Of Corrections reentry guide
Illinois Department Of Corrections reentry guideIllinois Department Of Corrections reentry guide
Illinois Department Of Corrections reentry guideillinoisworknet11
 
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptxSarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptxAnto Jebin
 
1990-2004 Bar Questions and Answers in Sales
1990-2004 Bar Questions and Answers in Sales1990-2004 Bar Questions and Answers in Sales
1990-2004 Bar Questions and Answers in SalesMelvinPernez2
 

Último (20)

Labour legislations in India and its history
Labour legislations in India and its historyLabour legislations in India and its history
Labour legislations in India and its history
 
citizenship in the Philippines as to the laws applicable
citizenship in the Philippines as to the laws applicablecitizenship in the Philippines as to the laws applicable
citizenship in the Philippines as to the laws applicable
 
Analysis on Law of Domicile under Private International laws.
Analysis on Law of Domicile under Private International laws.Analysis on Law of Domicile under Private International laws.
Analysis on Law of Domicile under Private International laws.
 
Understanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
Understanding Cyber Crime Litigation: Key Concepts and Legal FrameworksUnderstanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
Understanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
 
Town of Haverhill's Summary Judgment Motion for Declaratory Judgment Case
Town of Haverhill's Summary Judgment Motion for Declaratory Judgment CaseTown of Haverhill's Summary Judgment Motion for Declaratory Judgment Case
Town of Haverhill's Summary Judgment Motion for Declaratory Judgment Case
 
OMassmann - Investment into the grid and transmission system in Vietnam (2024...
OMassmann - Investment into the grid and transmission system in Vietnam (2024...OMassmann - Investment into the grid and transmission system in Vietnam (2024...
OMassmann - Investment into the grid and transmission system in Vietnam (2024...
 
Hungarian legislation made by Robert Miklos
Hungarian legislation made by Robert MiklosHungarian legislation made by Robert Miklos
Hungarian legislation made by Robert Miklos
 
PPT Template - Federal Law Enforcement Training Center
PPT Template - Federal Law Enforcement Training CenterPPT Template - Federal Law Enforcement Training Center
PPT Template - Federal Law Enforcement Training Center
 
RA. 7432 and RA 9994 Senior Citizen .pptx
RA. 7432 and RA 9994 Senior Citizen .pptxRA. 7432 and RA 9994 Senior Citizen .pptx
RA. 7432 and RA 9994 Senior Citizen .pptx
 
Choosing the Right Business Structure for Your Small Business in Texas
Choosing the Right Business Structure for Your Small Business in TexasChoosing the Right Business Structure for Your Small Business in Texas
Choosing the Right Business Structure for Your Small Business in Texas
 
Town of Haverhill's Motion for Summary Judgment on DTC Counterclaims
Town of Haverhill's Motion for Summary Judgment on DTC CounterclaimsTown of Haverhill's Motion for Summary Judgment on DTC Counterclaims
Town of Haverhill's Motion for Summary Judgment on DTC Counterclaims
 
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los AngelesAre There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
 
Town of Haverhill's Statement of Material Facts For Declaratory Judgment Moti...
Town of Haverhill's Statement of Material Facts For Declaratory Judgment Moti...Town of Haverhill's Statement of Material Facts For Declaratory Judgment Moti...
Town of Haverhill's Statement of Material Facts For Declaratory Judgment Moti...
 
The Punjab Land Reforms AcT 1972 HIRDEBIR.pptx
The Punjab Land Reforms AcT 1972 HIRDEBIR.pptxThe Punjab Land Reforms AcT 1972 HIRDEBIR.pptx
The Punjab Land Reforms AcT 1972 HIRDEBIR.pptx
 
ENG7-Q4-MOD3. determine the worth of ideas mentioned in the text listened to
ENG7-Q4-MOD3. determine the worth of ideas mentioned in the text listened toENG7-Q4-MOD3. determine the worth of ideas mentioned in the text listened to
ENG7-Q4-MOD3. determine the worth of ideas mentioned in the text listened to
 
Town of Haverhill's Statement of Facts for Summary Judgment on Counterclaims ...
Town of Haverhill's Statement of Facts for Summary Judgment on Counterclaims ...Town of Haverhill's Statement of Facts for Summary Judgment on Counterclaims ...
Town of Haverhill's Statement of Facts for Summary Judgment on Counterclaims ...
 
Guide for Drug Education and Vice Control.docx
Guide for Drug Education and Vice Control.docxGuide for Drug Education and Vice Control.docx
Guide for Drug Education and Vice Control.docx
 
Illinois Department Of Corrections reentry guide
Illinois Department Of Corrections reentry guideIllinois Department Of Corrections reentry guide
Illinois Department Of Corrections reentry guide
 
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptxSarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
 
1990-2004 Bar Questions and Answers in Sales
1990-2004 Bar Questions and Answers in Sales1990-2004 Bar Questions and Answers in Sales
1990-2004 Bar Questions and Answers in Sales
 

Law Firm Security and Data Redundancy

  • 1. Law Firm Security and Data Redundancy Law Firm Security and Data Redundancy
  • 2. Cloud computing may be a new concept to you, but rest assured, even if you’re not familiar with what cloud computing is, you’re probably already using it in your law practice. The concept of cloud computing is simple: when you store documents online, whether in MyCase, as web-based email attachments, or via a stand- alone online storage solution, you’re storing them “in the cloud.” In other words, your law firm’s digital data is in the cloud when it’s being stored on servers owned and maintained by a third party rather than your law firm. What is Cloud Computing?2. Here at MyCase, we understand that you have an ethical obligation to maintain confidentiality. That’s why keeping our customers’ data secure is one of our top priorities. Managing privileged case information for thousands of attorneys (and their clients) is a responsibility that we take very seriously. We understand that some lawyers may be nervous about moving their data into the cloud. You undoubtedly have lots of questions about the steps we take to ensure that your law firm’s data is safe and secure. What steps are being taken to protect my data? Does the company understand the unique concerns of lawyers? What will happen to my firm’s data in the event of a natural disaster? How financially stable is the company that will be hosting my law firm’s data? In this whitepaper, we will answer all of those questions and provide an overview of how we ensure the security of your law firm’s data, in part by providing redundant data storage and backup. Our goal is to put your mind at ease by sharing our security procedures, which are relied upon by thousands of attorneys just like you trust who MyCase to help them manage their law firms. At MyCase, Security is Our Top Priority1. What is Cloud Computing? 1 A Brief Overview of MyCase’s Security Policies 2 Steps You Can Take to Protect Your Firm’s Data 6 TABLE OF CONTENTS MyCase Legal Practice Management Software: Law Firm Security and Data Redundancy 1
  • 3. Amazon’s Cloud Computing Platform MyCase runs on Amazon Web Services’ EC2 cloud computing platform. We chose Amazon’s EC2 cloud servers because Amazon has over a decade of experience managing cloud servers across 16 different geographical regions across the United States for some the biggest companies in business today. Because of the breadth of Amazon’s experience providing cloud computing services, you know you can trust them to be at the leading edge of online service technology. Amazon has strict procedures in place, which protect the physical security of their servers and safeguard the integrity of their data. Amazon’s data centers and network architecture are built to meet the requirements of the most security-sensitive organizations. A Brief Overview of MyCase’s Security Procedures2. So, if you’ve ever used Westlaw, Google Drive, or Dropbox, you’ve used cloud computing. Your online bank account and every bill you pay online are also managed in the cloud. If you’ve ever used any of these online tools, you’re probably already well aware of the many benefits gained by using cloud computing. For starters, costly solutions like in-house IT departments, expensive servers, and up-front infrastructure costs are avoided when you leverage cloud computing. Another benefit of cloud computing is the convenience and mobility it offers lawyers. The ability to access your law firm’s case files 24/7, from any location, using any Internet-enabled device is an incredible convenience. But there’s more to cloud computing than simply IT savings and mobility; the security it provides your law firm is likewise immeasurable as well. You can learn more about Amazon’s cloud infrastructure and security at: http://aws.amazon.com/security/. In addition to Amazon’s security standards, our network traffic is isolated from other AWS customers via Virtual Private Cloud (VPC) dedicated to MyCase customers only. We communicate with our database using a secure connection and aggressively protect access to our servers with firewalls. MyCase Legal Practice Management Software: Law Firm Security and Data Redundancy 2
  • 4. For added peace of mind, view our real-time SSL Labs test times and grade: https://www.ssllabs.com/ssltest/analyze.html?d=www.mycase.com&hideResults=on State of the Art Encryption When you connect to our servers, your data is encrypted before transmission using 256-bit SSL connection. If the user’s internet browser does not support full 256-bit encryption, the connection degrades to 128- bit, but by default your data is protected with the highest, state-of-the-art encryption available. Our cipher suites also support Perfect Forward Secrecy (PFS) which prevents backward decryption of stored data should keys be compromised in the future. This is the same type of secure connection you use when using online banking, investments, healthcare portals, etc. Encrypting your transmission ensures that nobody can intercept your data along the way, and verifies it is truly you who is connected to our servers and not an impostor. MyCase was founded by an attorney and designed from the ground up with the unique security needs of attorneys in mind. MyCase is backed by our parent company AppFolio, Inc (NASDAQ: APPF), a leader in cloud-based software for different business verticals. That means that as a MyCase customer, the company you trust to manage your law firm data has the additional resources and support of a publicly traded company specializing in SaaS (Software as a Service) technologies. This experience ensures that we’ve built a secure online platform for lawyers that you can trust. This isn’t the first time we’ve been down this road; we’ve seen and learned a lot along the way. We’re constantly monitoring the latest security threats, and evolving and adapting our service to address any issues that may arise. Experience Counts When it comes to protecting data for your law firm — experience counts. Our in-house security team performs internal security audits on a regular basis to ensure our system is secure and your information is protected. We run static analysis tools on our code regularly, and we automatically scan lists of known vulnerabilities (CVEs) for references to the software on which we depend. MyCase Legal Practice Management Software: Law Firm Security and Data Redundancy 3
  • 5. When you give your clients access to your firm’s MyCase Client Portal, they are granted access only to the appointments, documents, and invoices you explicitly share with them and access can be changed at any time. By default, any contacts you add to MyCase are enabled for the MyCase Client Portal since the client portal is a built-in security tool designed for your law firm. It allows you to communicate and share items with your client in a much more secure way than traditional email. By giving your clients their own username and password, they are able to have peace of mind as well knowing their case information and documents are protected within MyCase and are only accessible by people who have permission to do so. In addition to the security steps Amazon and MyCase take on the server side, there are also a number of features built into MyCase that will help keep your firm’s data protected. For example, MyCase will automatically log users out during times of inactivity or when the account has been accessed on another machine. MyCase stores passwords using the latest top security recommendation. We add per-user random information (salts) to passwords, before hashing them with bcrypt, an algorithm designed to be resistant to brute-force attacks. In fact, MyCase only allows a certain type of password (called a “salted, bcrypted password”), which helps resist brute-force attacks and provides that added protection. You also have many different permission settings and access controls in MyCase that give you further protection. Permission settings allow you to control what each user can access within MyCase, including staff, co-counsel, and clients. Protection in MyCase3. MyCase Legal Practice Management Software: Law Firm Security and Data Redundancy 4
  • 6. Two-Factor Authentication MyCase offers Two-Factor Authentication via Google Authenticator, giving you an additional level of law firm security in the cloud. Two-Factor Authentication (or 2FA) is a security feature that makes it extremely difficult for unauthorized users to access your account. In the event that your username and password are compromised, 2FA would still prevent someone from gaining access to your confidential data. Logging into a web-based software system that does not implement 2FA is a simple, one-step process. All the user has to do is enter the correct username and password, at which point the entire database of sensitive client information is made available. Logging into a 2FA system, however, requires an additional login step. After users input correct username and password combination, they are not immediately logged into the system. They are instead taken to a second login screen which prompts them to enter a temporary verification code that is a Time-Based One- Time Password with a 10-byte secret key generated by a CSPRNG. The first time setting up 2FA in MyCase you’ll need to go to Settings>My Profile>Two-Factor Authentication and follow three steps, starting with downloading Google Authenticator on your iPhone, Android, or Blackberry device. As web-based portals become increasingly common in other industries, it’s not surprising that many legal clients now expect instant access to case-related information. Practice management software with built- in, secure web portals can improve client communication by providing them with 24/7, convenient, and secure access to their case information. MyCase Legal Practice Management Software: Law Firm Security and Data Redundancy 5
  • 7. Hopefully this guide has addressed any concerns you may have had about data security and cloud computing, but the truth is no matter how many steps companies can take to secure your data (whether it’s Amazon or even your local Internet Service Provider), the most common cause of data loss is caused by the human element. That’s why it’s important that you take steps to secure your account (in addition to setting up 2FA): • Use a strong password (MyCase will even tell you how strong your password is). • Don’t use the same password for MyCase that you use for other websites. • Use at least 10 characters and include a special character, number, and at least 1 capital letter. • Don’t give your MyCase password to anyone else, and change it frequently. • Make sure that other people can’t access your e-mail — otherwise they could reset your MyCase password and gain access to your account. Should you ever feel that your account has been compromised, contact us right away! We can freeze access to your firm’s account, immediately locking out all users until we can ensure that everything is secure. Still don’t believe us? See what your peers have to say about how MyCase’s security provides peace of mind and is helping to transform their law practice. We understand how important security is to your law firm. That’s why multiple security features are built into MyCase. Our goal is to ensure that MyCase is reliable and that your law firm data is protected and secure; that way you aren’t distracted by IT concerns and can focus on doing what you do best: practicing law. What You Can Do to Protect Your Data4. MyCase Legal Practice Management Software: Law Firm Security and Data Redundancy 6
  • 8. Get a Personalized Walkthrough of MyCase. Get Your One-On-One Demo No credit card required ABOUT MYCASE MyCase, a subsidiary of AppFolio, is an affordable, intuitive and powerful practice management software designed for the modern law firm. Easily organize your firm with a complete solution—contacts, calendars, cases, documents, time tracking, and billing. Reap the time-saving benefits of MyCase’s integrated client portal so everyone stays informed and connected. Learn more at www.MyCase.com. MyCase Legal Practice Management Software: Law Firm Security and Data Redundancy 7