Office Address

110 - 1/1, Havelock Road, Colombo 05, Sri Lanka

Phone Number

+94 77 627 3901

Email Address

info@legistant.com




legistant security

Legistant's Security Promise

Staying on top of the latest in cybersecurity We continue to review and update Legistant’s code for security, and monitor for potential vulnerabilities to ensure your data is always protected. Operating in accordance with GDPR legislation Legistant Manage is compliant with the terms found in the GDPR guidelines, meeting our requirements as both a data controller and data processor. Standardizing employee security protocols Legistant enforces office access policies, two-factor authentication for internal tools, device and travel policies, criminal background checks for employees, regular security training, and more.

 

Regular security tests

Legistant utilizes an internal audit. We test our platform with the most advanced techniques available to ensure that Legistant’s software is secure. We also keep track of all dependencies and their vulnerabilities, and create bug fixes as soon as they are discovered.

 

Daily malware scan

Legistant is audited and certified each day by Linux Kern to help guarantee that the core application is not affected by malware, vulnerabilities, and other online threats. This is also coupled with server rotations on a daily basis, making it hard for long term attacks.

 

Secure development practices

Legistant demands high internal standards for code quality, mandatory code reviews, and constant internal security consultations on complex technical decisions.

 

Role-based permissions

Restrict visibility to sensitive case information to certain lawyers at your firm.

 

Standard Security Practices as a foundation

We use the industry standards for web application security as our foundation for all our application's features which includes and are not limited to SSL/TSL HTTP Strict Transport Security, Encrypted cookies, we also use minimal cookies to prevent data theft and they expire very quickly, we use firewalls that automatically detects threats and blocks all unused ports, we host of all of the scripts from a single source and block cross side scripts from execution.

 

Login Tracking

Legistant collects the IP Address of every login for your account to help you monitor for suspicious account activity, including it's possible location, if the login locations are not from known geographical regions, the logins may be blocked

 

Login Safeguards

Legistant will automatically lock your account for a period of time after too many failed login attempts

 

Password policies

Enforce strong passwords and/or regular password resets with Legistant's password policy settings, below are a few policy examples

  • Forbid common passwords, encourage pass phrases
  • Enforce numeric characters
  • Enforce minimum lengths (16)
  • Enforce special characters
  • Enforce password lifetime
  • Enforce minuscule and majuscule characters
  • Check password against the list of breached passwords using online sources
    (This check creates a hash of the password and compares it with online databases of compromised passwords regularly, compromised accounts are locked and notified)

 

Security Blueprint

We also maintain a blueprint for security, which is similar to a fire escape plan, where we cover 500 of the most common security threats, this ensures preparedness when events occur, we also subscribe to security bulletins and updates regarding our platforms for any downtime or issues.