LawWare is committed to building strong information security safeguards into all its software and everything it does. By working closely with our datacentres, we ensure that the highest standards of security and resilience are met at all times within our fully managed and protected environment.
Our key security protection measures are described in the following points.
Our data centre partners have designated Information Security Managers who are responsible for managing and implementing security standards, policies and best practice. The Network, Infrastructure and Quality Assurance teams support the Information Security Manager. They have internal information security policies, which their Information Security Committees govern.
Datacentres prioritise the patching of internal systems by role, importance and location in the network. It automatically deploys and manages patches where appropriate. In addition to this, we update each LawCloud server ourselves with updates released for Microsoft operating systems and all application software used on the cloud. These are tested on a test server before being rolled out to all servers. Assuming all updates pass our compatibility test, they are applied within 3 days of passing the test. Microsoft releases these security updates at least monthly, other vendor’s timescales differ.
We implement a robust, industry leading anti-virus software on all our servers. Virus definition updates are applied daily as a minimum and hourly where required.
If you have an email subscription through us under Office 365 then you are protected in addition by Microsoft Exchange Online Protection EOP (anti-spam and anti-malware).
LawCloud is also a member of CISP (Find out more about CISP) Helping us to keep a watchful eye on securty.
CISP is the Cyber-Security Information Sharing Partnership, a joint, collaborative initiative between industry and government to share cyber threat and vulnerability information to increase overall situational awareness of the cyber threat and therefore reduce the impact upon UK business.
All LawCloud servers sit behind the strongest and most secure firewalls that we are able to implement. For VMware platforms, we use Edge Gateway and for Hyper-V, we tend to favour Cisco Virtual Firewall (Cisco Adaptive Security Appliance operating on Cisco ASA5550).
Windows Firewall is enabled on each individual server.
Our data centre partners conduct penetration testing of the internal infrastructure on an ongoing program on a risk based approach and on all new services before going live.
Data centre policies and procedures ensure that our team:
At LawWare, the security and safety of your data is our paramount concern. We have invested a great deal of resource and technical expertise to make sure your data meets industry safety and compliance standards and we partner with the UK’s most secure and robust data centres to host your data.
LawCloud uses a number of hosting providers who all offer state-of-the art security solutions.
- A >99.9% uptime SLA
- Monitoring services
- Unlimited bandwidth (network traffic)
- Automatic failover
- SSL certificate
- RAID protected storage
ISO 27001 sets out the requirements of Information Security Management systems. It is part of the ISO 27000 family of standards relating to information and cyber security and offers a comprehensive set of controls based on best practice in information security. The accreditation shows our hosting providers’ compliance with regulatory and contractual requirements regarding data security, privacy and IT governance.
Part of the ISO 14000 family of international standards covering environmental impact and the reduction of greenhouse gas emissions, ISO 14001 is the standard that covers the design and implementation of an Environmental Management System. This is a framework designed to measure and improve the way natural resources are used and disposed of by an organisation.
ISO 9001 sets out the steps necessary to adopt a quality management system. It is designed to help organisations ensure they meet the needs and expectations of both customers and other parties, based on internationally recognised quality management principles set out by the International Standards Organisation (ISO). The Certification shows that our quality processes have been audited against ISO 9001 and that our hosting providers’ meet the requirements.
Rest assured, at Lawware we leave nothing to chance – your data will always be secure and will be readily recoverable even should a catastrophic failure scenario arise.
The data centre team is responsible for maintaining optimum system performance in all data centres and:
The team ensures confidentiality, integrity and availability of all data and:
There is a responsibility for ensuring that the principal of least privilege applies in the data centres.
This means we ensure that only engineers who need access to servers, infrastructure and networks get it. Employees who don’t have a business requirement to access these can’t do so without authorized personnel.
The team is responsible for securely destroying its data, hardware and removable media.
The team is responsible for maintaining secure communications in its private network, backup and disaster-recovery services.
The team is responsible for managing incidents on its network.
The team is responsible for maintaining internet connections for servers.
The team is responsible for notifying partners of planned outages.
The team is responsible for initially configuring VPN concentrators and firewalls.
The team is responsible for mitigating denial of service attacks from the Internet.
If you require any further information or would like to arrange a guided tour of our UK-based data centre, please get in touch.
Also see our Security white paper
Find out more about how LawCloud is Green
Or request a copy of our Cloud Guidelines document
Our clients range from small start-up legal practices to multi-partner, multi-site firms.
Another great customer service experience from LawWare. My laptop had to be stripped back to factory settings as part of a repair - taking hours! In contrast, restoring LawWare took one phone call to the support team and I was up and running in 6 minutes. If only everything was so easy!
As the first commercial user of LawWare back in 1998, we have had no hesitation in remaining with the product through its development. We thoroughly recommend it to any firm looking for a practice management system.
The helpdesk is exceptionally good. Whatever the query there is always a human being there to help. No leaving messages or being advised to go to a website. The best computer service for solicitors I have ever used!
The linking of documents and casefiles saves so much time! I have experience of several accounts packages and I like that LawWare is simple to use and easy to learn. Support is quick and effective and staff are helpful and courteous.
I have worked with a number of Case Management providers over the years but have not come across anything with the attention to detail and thoroughness of LawWare. My colleagues and I have not been disappointed.
I can’t imagine trying to be a law firm in the 21st Century without 21st Century IT systems. Having a ‘single system’ that underpins all the work, whether we are in the office or out, is an integral part of what we are building.
The level of support is the main benefit using this system. The system itself once you have had training is simple and easy to use. We have a great relationship with LawWare and the ongoing support is second to none.
Significant preparation was required to configure and import the data from our old firm. We had to get all clients onto the new system and then learn how to use it. We just find it very easy to use, much easier than our old system.
Being a busy litigator with a growing firm it is incredibly useful to be able to view my files from any location with some form of internet connection. I am a fan, and want to keep working with LawWare to make a good product great.
The switch to the new LawCloud system, which is still on-going, has gone very well. We found the LawWare team without exception to be very helpful and knowledgeable. All queries are followed up and dealt with promptly.