
Security and Backups

An organization's LegalServer database contains information that needs to be secure from inappropriate disclosure, including confidential information about clients, and needs to be protected against loss. This document describes the measures LegalServer takes regarding security and the features provided to site administrators related to security.

Login Credentials

* No one can sign in to LegalServer without being issued a login name and password by a site administrator, having the Login Active field on their account set to Yes, and being assigned to a User Role with the Login permission. The permission can be granted or removed for internal and external logins (see Restricting Access to LegalServer by Location).

* Password restrictions: Passwords must be at least 8 characters long and contain at least one number and one letter. Passwords cannot be a series of letters ending in 1, 12, 123, or 1234.

* There is an optional password expiration option that allows site administrators to force passwords to be changed on a regular basis.

* Failed login attempts are delayed by 1 second for the first 9 attempts. Beginning with the 10th attempt, the delay is increased to 10 seconds. We do not lock out accounts after a certain number of failed attempts, since this would allow anyone reaching the site to lock out a user (including a site administrator) by attempting to log in repeatedly.

* Single Sign On is supported as an additional module, allowing an agency to control access via its identity provider. G Suite is currently supported. Microsoft Azure AD and Okta support are planned.
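
The password rules and failed-login delays listed above, as an added Python example (not LegalServer's own code). It assumes the forbidden pattern means the whole password is ASCII letters followed by exactly 1, 12, 123, or 1234, and that a successful login resets the failure count; the names password_problems and LoginThrottle are hypothetical.

```python
import re

# Assumed reading of the rule: the entire password is ASCII letters
# followed by exactly one of the suffixes 1, 12, 123 or 1234.
_LETTERS_THEN_COUNT = re.compile(r"[A-Za-z]+(?:1|12|123|1234)")


def password_problems(password):
    """Return the rules from the list above that this password breaks."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c.isalpha() for c in password):
        problems.append("no letter")
    if _LETTERS_THEN_COUNT.fullmatch(password):
        problems.append("letters followed by 1, 12, 123 or 1234")
    return problems


class LoginThrottle:
    """Per-account delay on failed logins. It never locks an account,
    so repeated bad guesses cannot deny access to the real user."""

    def __init__(self):
        self._failures = {}  # login name -> consecutive failed attempts

    def record_failure(self, login):
        """Count one failed attempt and return the delay in seconds."""
        count = self._failures.get(login, 0) + 1
        self._failures[login] = count
        # Attempts 1-9 wait 1 second; the 10th and later wait 10 seconds.
        return 1 if count <= 9 else 10

    def record_success(self, login):
        # Assumption: a successful login clears the failure count.
        self._failures.pop(login, None)


if __name__ == "__main__":
    # Constructed sample passwords, not real credentials.
    for pw in ("password1", "pass1word", "abc1", "abcdefgh12345"):
        print(pw, password_problems(pw) or "accepted")
    throttle = LoginThrottle()
    print([throttle.record_failure("admin") for _ in range(12)])
```
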

Encrypted Sessions Required

LegalServer can only be accessed over a secure internet connection. Industry standard Transport Layer Security is used to encrypt the information that passes to and from each computer and the server running LegalServer.

Automatic Logout

LegalServer provides an automatic logout feature when someone has been inactive on the site for some length of time. The default is 1.5 hours. Administrators set the logout time on the Admin / Site Settings page.

Restrictions based on IP Address

Site administrators can take certain actions based on the IP (internet protocol) address of the device being used to log in. Administrators can set a different session timeout value than the site-wide value, force users logging in from designated networks into a user role with limited permissions for that session, completely block the login, etc. For more information, see Restricting Access to LegalServer by Location.

User Roles and Permissions

LegalServer offers an extensive set of permissions that allow administrators to enforce agency policy regarding access to cases, features, and functions after someone has successfully logged in. See User Accounts and User Roles and Permissions for more information.

Revoking Permission to Login

Site administrators can immediately block a user from logging in by simply setting the Login Active field on a user account to No.

Limiting Collection of Sensitive Information

Agencies typically must collect sensitive information about applicants and clients for operations and reporting to funders. LegalServer provides agencies tools to limit the collection of sensitive information as much as possible.

* If Social Security Numbers must be collected, administrators can limit this to only 4 digits in Admin > Site Settings.

* Agencies can design their application processes to limit the data collected about applicants. For example, an agency can collect an applicant's type of problem and location to determine potential eligibility for services, and possibly halt the application process, before collecting name, date of birth, SSN, etc.

Physical Security of Servers

All sites are hosted on Amazon AWS.

Software Security Updates

LegalServer staff regularly monitor information regarding security vulnerabilities, updates, and best practices as they relate to the entire application, including the programming languages, database application, server operating system, and running a web-based application serving requests over the internet. Updates to address security concerns can be applied to all servers immediately in critical situations or rolled out as part of the regular update process.

Data Backup and Disaster Recovery

Organization databases that we host are backed up as follows:

* Data is backed up locally on the server periodically throughout the day
* Data is backed up remotely (to a different server at a different physical location) every night
* Data is stored for at least 2 weeks before it is overwritten

Database restores are tested weekly to confirm the data backups are valid.

A full restore from backup typically takes 4 to 8 hours. Time varies depending on the size of the site's database.

Sites that are paying for replication have a failover option. This can usually be done in under 1 hour.

Email Security

LegalServer can send and receive email messages. Our mail servers offer TLS (Transport Layer Security) when connecting to send and when accepting connections to receive. If the sending or receiving server supports TLS, the mail is sent through an encrypted connection. Individual email messages are not encrypted. This is the same process used by secure (HTTPS) websites. The information on the website itself isn't encrypted, but the channel the information is sent through is encrypted.