What are eBrief Ready's key security measures?
- eBrief Ready is ISO 27001 accredited - the highest global industry standard for data security. It provides a framework for the way that organisations manage the security of their data assets. In the legal profession, these assets are substantial – from sensitive case records to financial and intellectual property information. Taking up accreditation means making a deliberate choice to hold your services to a higher standard – it’s certainly no box ticking exercise.
- We have enforced the mandatory use of two-factor authentication (2FA) for all eBrief Ready accounts. Quite simply, 2FA allows us to verify that the person trying to gain access to the account is who they say they are. Even if your password falls into the hands of someone other than yourself, the chances of them also having your second-factor information are extremely unlikely.
- All of your documents are held securely on Amazon AWS. The servers are located in Sydney (for those using the platform within Australia) and London (for those using the platform within the UK), so your data stays inside your sovereignty.
- eBrief Ready relies on a number of third-party services including Amazon Web Services, Elastic Cloud, Elastic Email and others. All data written to or read from these services is encrypted in transit, and, where possible, encrypted at rest.
- In line with industry best practice, user account passwords are encrypted and the unencrypted password is never persisted and therefore not accessible by any member of the eBrief Ready team.
- The software libraries used by the eBrief Ready platform are routinely checked for vulnerabilities as part of the application development and deployment process. A deployment of the platform is not able to proceed until any identified vulnerabilities have been rectified.
- All eBrief Ready team members (both full time and contractors) have signed confidentiality agreements, and their access to the data you provide is limited to that required for development or troubleshooting purposes only.
- eBrief Ready has automated systems in place for error detection and reporting, as well as a robust system for the automated backup of critical user-provided data agreements.