Questions and Information about Site Security

One of the most important facets of a hosted, web-based application service is the need to separate and safeguard the confidentiality of client data. Security and privacy are paramount. DirectLaw™ has implemented numerous measures to ensure the confidentiality and security of your clients’ data. Our solution is hosted in a highly secure environment, protected by encryption and authentication in a hardened, protected site.

The DirectLaw™ Virtual Law Firm platform and all associated data is hosted by Baltimore, Maryland-based DataPoint, Inc., a top-tier hosting facility that is SAS70 Type II certified.

We utilize the same level of protection and security that is used by banks and required by our national insurance company clients. Through our secure, state-of-the-art hosting facilities, our clients receive the highest data protection commercially available.

We provide an integrated system that allows authorized parties in and keeps everyone else out through the use of:

• Firewalls to prevent unauthorized access;
• SSL encryption to keep documents secure;
• U.S. government-standard 128-bit AES encryption;
• Site certificates to verify server identities;
• Secure IDs to verify user identity;
• Windows security to keep network logins locked up;
• Intrusion protection against login attempt and unauthorized transmissions; and
• Off-site data storage.

Features of the Facility include:

Physical Security.  All computer and network communication systems are housed in a secure, hardened hosting facility with 24x7x365 guard patrols and full surveillance and biometric access control systems.

System Redundancy.  Our system has built-in redundancy at every point, including Web, application, file, database, and storage servers.

Network Monitoring.  DirectLaw's infrastructure is continuously protected by a broad shield of network equipment and software tools and continuously monitored by our staff for any attempted network attacks.

Network Security.  DirectLaw™ requires its clients (e.g. law firms and the law firms' clients) to use Secure Socket Layer (SSL) encryption technology (128-bit minimum) when accessing the DirectLaw™ applications via an Internet browser.  Digital certificates ensure the authenticity of each SSL session. This minimizes the risk of data stream interception between the user's browser and the DirectLaw™ service.

Data Backup.  We automatically backup all client data nightly and store it at a secure, off-site facility.  All backups are encrypted, and any unused, obsolete, or end-of-life media is destroyed to prevent third-party data retrieval.

User Authentication.  Our authentication policies enforce security without increasing complexity for authorized end users.

HTTPS Protocol

This web site is a secure site which uses the https protocol.  This means that all data sent to and from the site is encrypted.  You can determine on your own that it is a secure site by noticing that the lock symbol on your web browser is closed when you are in a secure area.

How Security Works Within Rapidocs®

When you assemble a document within Rapidocs®, the Rapidocs® file itself is 128-bit encrypted, which is the highest level of security, and the file itself can be password protected by the user or a staff member.

When the client inserts their data into an online questionnaire within the web browser it is not stored on the server, but within the form itself. When the web browser is closed, the client's data will disappear.