Data Accessibility, Security, and Privacy (Part II)
Posted by The Clio Team on October 22, 2008
This is the second in a three-part series on data accessibility, security and privacy. In case you missed it, here’s Part I: Data Accessibility. Part III: Data Privacy will be posted next week.
Clio employs multiple levels of protection to ensure your data is secure. However, before going into detail about how we implement this security, we should elaborate on what exactly we mean by data security.
Data security is often used as an umbrella term to refer to multiple aspects of security – in this series of blog posts we’ve broken the overall concept of data security into three parts: Data Accessibility (referring to data backup, data escrow, etc. – see Part I for more details), Data Security (described here) and Data Privacy (described in Part III, to be posted next week).
When we refer to data security , we are referring to one concept in particular: keeping your data secure so that only properly authorized users are able to access your data.
We’ve implemented this data security using four primary mechanisms: password security, internal rights-managed security, end-to-end bank-grade 256-bit SSL encryption, and external security audits.
The first layer of security is provided by password security: the only way of access your practice’s data on Clio is by entering the correct password. This is why it’s so important to choose a strong password for Clio (or any other online service). Some good articles on the importance on strong passwords include this article by security expert Bruce Schneier and these tips on choosing strong passwords by Microsoft.
The second layer of security is the internal rights-managed security provided by Clio. This makes it select specific users who can “see” certain matters or contacts. For an especially sensitive contact or matter you may choose to make it “private”, so only you can see it, or share it with a specific group within your firm, such as the “Senior Partners” group.
The third level of security provided by Clio is end-to-end bank-grade 256-bit Secure Sockets Layer (SSL) encryption. SSL is an encryption standard used by leading online banking and financial institutions that makes electronic evesdropping on your communications with Clio’s servers impossible. This means that, for example, you can safely and securely access your practice’s data using a public WiFi service at your local Starbucks. You can read more about the technical details of SSL encryption in this excellent Wikipedia article: SSL.
Finally, we have contracted the world’s largest dedicated security company, McAfee, to perform comprehensive network security and vulnerability scanning. This continuous penetration testing and security scanning helps ensure your data is safe. You can read more about the McAfee Secure designation Clio has earned here.
With external password security, internal rights-managed security, and SSL encryption you can rest assured your practice’s data is both safe and secure with Clio.