Liradocs Security

Liradocs Security Policy

This Security Policy governs the processing of data provided by a Subscriber in connection with their user license agreement (“Agreement”) or through the use of the Liradocs Services. By using the Software, our services, or our website, or by signing an Agreement with Liradocs, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Sites or App.

Keeping Your Firm Safe

Cybersecurity is a significant concern, as many malicious actors seek to exploit vulnerabilities in online systems. While it might seem as if a server in your office with local PCs is secure, connecting your in-house network to the Internet makes it highly vulnerable to attack, with ransomware often targeting on-premise servers. Trojans and other threats can be introduced through PCs used for non-work-related purposes when we are least alert to potential dangers.

Liradocs has a dedicated Information Security Officer responsible for maintaining the security of client data, the Liradocs system, and all internal systems that support our business operations.

Liradocs Data on Liradocs Servers

As a cloud-based solution, the software and all client data are stored on Liradocs Servers, which are built on the Amazon Web Services (AWS) platform.

Amazon Web Services (AWS) is a leading cloud services platform, providing database storage, content delivery, and a range of other functions. It is one of the largest and most successful cloud platform providers worldwide. AWS prioritizes security, offering data centers and network architectures designed to meet the requirements of highly security-conscious organizations like NASA, Atlassian, and Dow Jones. AWS continually evolves its core security services, including identity and access management, logging and monitoring, encryption and key management, network segmentation, and Denial of Service (DDoS) protection.

Liradocs stores data in the jurisdiction of origin. In Australia, this is located in Sydney. Liradocs actively leverages AWS services, adhering to information security best practices. Additionally, Liradocs performs continuous backups, ensuring your data remains up to date with the last time you connected to the internet.

Security Controls

Liradocs employs multiple layers of security controls (software, physical, and process-based) to protect client data.

This includes, but is not limited to:

• Local & Network Firewalls
• Web Application Firewalls
• Intrusion Detection Systems (IDS)
• Multi-vendor Anti-Virus Solutions
• DDoS Throttling Services
• Access Control Lists
• Security Patch Management
• Identity and Access Management
• Centralized Log Management
• Symmetric and Asymmetric Encryption Systems
• Separation of Duties
• Vulnerability Assessment
• Anomaly Detection
• Remote Monitoring & Alerting

At Liradocs, we understand that security is of utmost importance to law firms. The following security measures can be implemented alongside those developed by Liradocs to strengthen security for your firm.

Your PC AntiVirus and Malware | Data stored on Liradocs

Security on your PC is the responsibility of you and your IT provider. All information on your PC is vulnerable to attack without proper security precautions, so it is critical to ensure every PC in your firm has the necessary anti-virus, malware, and security protection.

Regarding Liradocs, if your PC is compromised or lost, all your data on the Liradocs servers will remain safe. All you need to do is purchase a new PC and log in to Liradocs. Your data will still be available.

Email Hacking and Document Sharing | LiraDocs Communicate

Email is a common but high-risk communication method, vulnerable to hacking and infiltration. You should never send highly confidential or sensitive information or documents by email.

To facilitate secure communication, Liradocs offers Liradocs Communicate for document sharing. When a document is shared through Liradocs Communicate, it is not physically transported. The document remains in Liradocs Communicate, and only authorized individuals with the appropriate credentials can interact with it. An email or notification is sent to the other party, allowing them to view and comment on the document within Liradocs Communicate. The document itself is never sent via email.

Data Encryption | Liradocs Applications

Every Liradocs application is accessed via HTTPS using Transport Layer Security (TLS). TLS is a cryptographic protocol designed to protect information transmitted over the internet against eavesdropping, tampering, and message forgery. Once client data reaches the Liradocs cloud infrastructure, it is encrypted at rest using AES-256, military-grade encryption.

Service Availability | Multiple AWS Data Centres

Liradocs has been designed to be a highly available, active-active solution. Liradocs services are distributed across multiple AWS data centers within Australia. In the event of one data center going offline in a disaster scenario, the second data center will continue to serve data with minimal, if any, service interruption. Liradocs is not responsible for any delays resulting from AWS server availability.

Backup Policy | Frequent

Liradocs servers are backed up multiple times a day, as well as on a weekly and monthly basis. This ensures that your data is regularly safeguarded and can be restored promptly in the event of any unforeseen issues.

System Monitoring | 24/7

Liradocs is monitored 24 hours a day, 7 days a week, 365 days a year. This continuous monitoring allows us to detect and respond to potential issues promptly, ensuring that the platform remains secure and available at all times.

Data Breach Notification

Liradocs will notify the Subscriber without undue delay and in writing upon becoming aware of any Data Breach concerning our client’s data. If a vulnerability is identified or if data is available publicly outside of the Liradocs Software, please contact Liradocs immediately via Info@liradocs.com.au.

Privacy Policy

Liradocs’ Privacy Policy is subject to change and can be accessed at: liradocs.com.au/privacy-policy

Liradocs and Your Data Security Responsibilities:

Authorisation

If you provide Liradocs any personal or sensitive data relating to other individuals, either directly, through our websites, through our software, or otherwise, you represent that you have the authority to do so and permit us to use, access, or host that data in accordance with this policy.

Account Access

Liradocs employs industry-standard security measures to ensure the protection of information. However, the security of information transmitted through the Internet can never be fully guaranteed. Liradocs is not responsible for any interception or interruption of communications through the Internet or for changes to or losses of information.

Site users are responsible for maintaining the security of any password, user ID, or other form of authentication involved in obtaining access to password-protected or secure areas of any Liradocs websites.

To protect you and your information, Liradocs may suspend your use of a website, without notice, pending an investigation if any breach of security is suspected. Unauthorized access to such areas is prohibited and may lead to criminal prosecution.

If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you may have with us has been compromised), please immediately notify us of the problem by contacting us as outlined in the “Contacting Us” section.

We may use your information as we believe to be necessary or appropriate: a) under applicable law, including laws outside your country of residence; b) to comply with legal processes; c) to respond to requests from public and government authorities, including those outside your country of residence; d) to service providers that act on our behalf, such as for marketing or payment processing, with their use of personal information subject to our agreements and applicable laws; e) to enforce our terms and conditions; f) to protect our operations or those of any affiliates; g) to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others; h) and to allow us to pursue available remedies or limit the damages that we may sustain.