The client's data is encrypted at the client's site before being transferred to the cloud. The client exclusively retains key control (bring your own key). This allows the client to irrevocably delete the key and thus the data at any time.
The security of customer documents is a central design goal of the legal-i system. All documents are protected during transmission between customers and legal-i servers by industry-standard SSL (Secure Sockets Layer) with 256-bit end-to-end encryption. To protect documents while they are stored in the cloud, legal-i uses only top-tier service providers that have passed annual SOC 1/SSAE 16/ISAE 3402 audits. These providers maintain data centers with extensive physical access controls, including professional security, intrusion detection, video surveillance, and two-factor authentication for all personnel. Additionally, these providers offer redundancy against natural disasters or system failures by securing and replicating customer data in physically separate data centers.
The client has the right to conduct a security audit of their company workspace in the legal-i cloud at any time.