IT Platform & Security

VortexLegal’s technology is built on a top-of-the-line infrastructure.

At VortexLegal we have a secure, online reservation and documents management system. Our platform is built and hosted on Amazon Web Services (AWS). AWS has built a reputation for providing some of the most secure and best-run data centers in the world.

AmazonWebservices_Logo

All information and documents uploaded and stored on our platform are protected by our industry-leading IT security, SSL data encryption, and privacy safeguards. By utilizing AWS, VortexLegal ensures that all data and documents are compliant with privacy safeguards required by state and federal laws, state Bar rules and maintains the following, as further detailed on the AWS website:

SOC 1 / ISAE 3402 Certified
The Service Organization Controls 1 (SOC 1), Type II report is conducted in accordance with AICPA: AT 801 (formerly SSAE 16) and the International Standards for Assurance Engagements No. 3402 (ISAE 3402). This dual-standard report can meet a broad range of auditing requirements for U.S. and international auditing bodies.

soc1-certified

SCO 2 Certified
The Service Organization Controls 2 (SOC 2), Type II report expands the evaluation of controls to the criteria set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles.

soc1-certified

SCO 3 Certified
The Service Organization Controls 3 (SOC 3) report is a publically-available summary of the AWS SOC 2 report. It includes the external auditor’s opinion of the operation of controls (based on the AICPA’s Security Trust Principles included in the SOC 2 report), the assertion from AWS management regarding the effectiveness of controls, and an overview of AWS Infrastructure and Services.

soc3-certified

ISO 27001 Certified
Security certified by The International Organization for Standardization (ISO) 27001, a widely-adopted global security standard that outlines the requirements for information security management systems. It provides a systematic approach to managing company and customer information that’s based on periodic risk assessments.

IOS-27001-certified

PCI DSS Level 1 Certified
Capable of supporting Payment Card Industry (PCI) Data Security Standard (DSS) applications when AWS and Caspio-provided security controls are used in tandem.

pci-certified

FISMA Moderate Level Certified
Authorized to operate under the Federal Information Security Management Act (FISMA) Moderate level by the U.S. General Services Administration.

Great_Seal_of_the_United_States_

TRUSTe EU Safe Harbor Certified

We respect your privacy and the privacy of the information in your account and treat both with utmost care and consideration. The service is a licensee of the TRUSTe® Privacy Program and abide by the EU Safe Harbor Framework as outlined by the U.S. Department of Commerce and the European Union.

TRUSTe is an independent organization devoted to build users’ trust in the internet by promoting the use of fair information practices.

truste-eu-safe-harbor-certified

Other Security Layers:

Network and Systems Layer
Our network is protected by top-of-the line firewalls from industry-leading vendors. These firewalls remain up-to-date with upgrades and patches provided by vendors and they are configured to allow only the absolute minimum level of access to internet users. Various security measures are employed and enforced inside of the perimeter firewalls and on internal systems. The exact nature of these measures is kept confidential.

All operating systems are kept current with all the patches recommended by their vendors.

All unnecessary users, protocols, and ports are disabled and monitored. Our databases can only be accessed through trusted authentication and are kept inside layers of protection.

Human Layer
All data maintained in your account is owned by you.

Our employees do not have direct access to the production equipment, except where necessary for system management, maintenance, monitoring, and backups.

We do not outsource data management to service providers. Only select qualified permanent employees are allowed access to database servers, and only when their access is absolutely necessary.

Application Layer
The platform offers extensive features to help you protect and secure your account, data and applications:

Account Authentication:  Your account is protected by your Account ID and password. We encourage you to use strong passwords, protect them from others and change them often. We do not store sensitive user data in cookies or utilize other high-risk user or session tracking methods.

Data Encryption:  When you log into your account, your session is secured with 100% data encryption. Many of this site’s pages are secured with industry-standard SSL security.

If you have any questions about our platform, technology, service or security, please contact us

Ready to get started?  Create an account with us online today.    Register