How is vulnerability, patch, and security updates management ensured?
Are the network connections and interfaces to legal-i established and do they meet the required performance and security features?
How do technical administrators at legal-i access the infrastructure and systems? What methods are used for this purpose?
How can it be ensured that only authorized devices can access the service (e.g., customer IDP, IP whitelisting)?
Does legal-i have a requirements-compliant security monitoring system with defined interfaces (e.g., APIs, etc.), and is security incident reporting ensured according to customer requirements?
Are additional extensions or plugins used?
How are endpoints mutually authenticated in machine-to-machine communication?
How is malware protection ensured?
How does key management work?
How is the tenant service ensured?
At which service provider does legal-i operate its infrastructure?
What certifications and evidence documentation for attesting security are available?
Specification of RTO and RPO
How is authentication and authorization accomplished?
Is it ensured that no licensing rights are violated by using the cloud service?
How does legal-i ensure identity management and authentication?
Multi-tenant architecture: What does it mean?
How does the architecture of the legal-i cloud platform look?
How do we ensure security in the data center?
How are security controls ensured?
What does legal-i's cloud infrastructure look like?