Legalbox is deployed under a scalable cloud computing platform designed for high availability and dependability, providing the tools that enable us to run our wide range of applications. Helping to protect the confidentiality, integrity, and availability of your data is of the utmost importance to Legalbox, as is maintaining your trust and confidence.
This document is intended to provide an introduction to Legalbox and its partners approach to security using a wide range of tools and features to help you to meet your security objectives.
Legalbox’s infrastructure partners provides several security capabilities and services to increase privacy and control network access. Our built-in firewalls allow us run all our servers under private networks and enables us to control network access to our instances and subnets. Our partners also provide encryption in transit with TLS across all services and DDoS mitigation technologies as part of our auto-scaling and content delivery strategy.
Legalbox application was built with Cross-Site Request Forgery and Cross Site Scripting filter to prevent malicious script injection into your data, or other types of code that attempt to hijack cookies.
Our encrypted database instances use the industry standard AES-256 encryption algorithm to encrypt your data on the server. All your data is under a virtual private cloud environment logically isolated from other networks in the data-center. You can also ask for a private and dedicated data storage so your content would be isolated even from other Legalbox accounts*.
Our automated backup enables point-in-time recovery for your data in case of disasters with minimal retention of one week by default.
Legalbox’s datacenter partners are continuously audited, with certifications from accreditation bodies across geographies and verticals, including ISO 27001, FedRAMP, DoD CSM, and PCI DSS.i and also fully compliant with applicable EU data protection laws (GDPR).
* Extra charges may apply.