Strong, robust, and top-of-the-line.

Data is segregated, stored and accessed by respective administration only. There is no shared database.

File names and data are all encrypted to prevent information leakage. Our hosting on Amazon Web Services (AWS) is ISO 27001-certified, SOC2 compliant, and with U.S. Tier 5 data centers.

What sets our approach apart is that we limit our API connections—the communication between applications. The more places that connect with SimpleLaw, the greater the odds for leaks, breaches, and other security issues. SimpleLaw provides all the tools users need, at one low price.

All the traffic (whether from Google Drive, OneDrive, QuickBooks, etc.) is 128-bit encrypted. That means that your data is protected even in transit.

Our SimpleLaw development team consists of members who are trained, with in-house senior consultant advice and third-party expertise to cover all security bases.

Data is regularly monitored by cloud-based tools, every 10 seconds. Regular Vulnerability Assessment and Penetration Testing (VAPT) tests are carried out regularly, which includes complete IT infrastructure and code vulnerability scanning. This means we identify and fix vulnerabilities before they can be exploited.

Malware scanning is done at regular intervals. Cloud-based firewall services are in place, blocking hacking attempts from phishing sites.

Access to premises is restricted on multiple layers, from authorization and ID to biometric access.

All communication between users and SimpleLaw are encrypted, according to General Data Protection Regulation (GDPR) legislation. Documents are accessed only by authorized individuals.

SimpleLaw procedures of security governance, how classified data is stored and recorded, as well as how we work with emergencies and other situations is verified by the Service Organisation Controls (SOC) report on trust service principles and criteria for security, confidentiality, and privacy.

The SimpleLaw portal complies with Health Insurance Portability and Accountability Act (HIPAA) requirements to process and store data safely and effectively.

Logins are authenticated using multiple sources - and customizable by person.

Passwords, files, and anchors are encrypted—even at the client end.

Role-based access settings are also fully customizable by person, not solely by role.

Access to active online sessions is secured by enabling single user session tabs.

Each firm has a unique domain, shielding data in the system from unauthorized access.

Activity tracking and reporting for SimpleLaw sessions helps deter suspicious activity.