Security

Level Legal understands the importance of a robust and state-of-the-art infrastructure management and cybersecurity system with expertise in the intricacies of eDiscovery. We partner with the best in the industry whose core business is the design, implementation, and maintenance of private cloud resources with a key focus on security, connectivity, and redundancy.

Customer data protection is our highest priority. As a Level Legal customer, you can be assured that your data will be hosted in a review platform that is designed and managed to meet the requirements of the most security-sensitive organizations.

  • GDPR compliant
  • HIPAA compliant, ISO27007 and ISO27077 certified
  • Data centers provide HIPAA, PCI, NIST, SOC2, and ISO Compliance (amongst others)
  • Ongoing staff awareness and education

Information, Communication, and System Security

  • Strict role-based and least privilege identity and access management, including MFA
  • System hardening and proactive patch management activities
  • Network protection via firewalls
  • System center operations manager monitoring that provides alerts for system health
  • All data is encrypted in transit and at rest (TLS 1.2 or higher, encrypted using AES-256)
  • Data transfer performed using secure methods

Advanced Threat Detection

  • Advanced security monitoring software
  • 24/7 monitoring with full spectrum visibility
  • Real-time threat detection
  • Endpoint defense deployed
  • IDS and IPS implemented on all corporate devices
  • Log retention of 180 days
  • Weekly vulnerability scans

Disaster Recovery and Backup

  • Fully redundant hardware with immediate failover capabilities where possible
  • Industry best practice methodologies in place for data backup
  • High availability for primary servers

Physical Security (Data Center Partners)

  • Multilayered, zoned physical security
  • Directly employed, armed security staff with 24/7 coverage
  • Built in lowest risk areas for natural disasters
  • Monitored interior and exterior surveillance cameras
  • Zone access via biometrics and proximity card down to cabinet level
  • 2N+1 fully redundant infrastructure (dual power grid and systems)
  • Multiple on-site diesel generators, redundant and diverse UPS systems
  • On-site, certified fire department with advanced fire detection systems

Secure Virtual Desktops

Level Legal offers the highest levels of security through our scalable, fully-managed virtual desktop environment for end users. This includes quick spin-up, virtualization software, patching and updates, security, bandwidth, and reporting and monitoring at a predictable monthly operating cost.

Our high-performance virtual desktops provide the fastest end-user experience, and our customizable solution complies with the most stringent security and compliance needs, including ITAR, PCI, and HIPAA HITECH compliance.

Multiple Layers of Built-in Security

Level Legal takes a comprehensive approach to security and controls to specifically address each layer of the cloud-delivered desktop. From the user and their endpoint devices all the way to the physical data center infrastructure, security has been built using a combination of virtual technologies, hardware, and customizable user controls.

User Controls

Level Legal’s cloud-delivered desktops enable us to restrict access and capabilities using more than 100 available control attributes. Controls can be customized per user, project, group, and at other granularities. All environments begin with these basic controls:

  • Restrict user administrative rights
  • Disable printing (local, network, screen)
  • Disable screenshots
  • Disable folder redirection
  • Disable access to local storage
  • Disable clipboard redirection
Close Modal

Our Framework

Understand.

During this phase, we work to step away from any assumptions and guesses about what our customers needs, and let our research findings inform our decision-making. We learn more about our customers, their problems, wants, and needs, and the environment or context in which they will use the solution we offer.

Our Framework

Define.

During the Define phase, we analyze our research findings from the Understand phase and determine what is the most important problem to solve — and why. This step defines the goal. Then we can give a clear problem statement, describing what our customers’ needs are that we are trying to solve, making sure that we heard and defined their problem correctly.

Our Framework

Solve.

This phase is an important part of the discipline in our process. People often settle for the first solution, but the most obvious solution is often not the right one. During the Solve phase, we brainstorm collaboratively with multiple stakeholders to generate many unique solutions. We then analyze our potential solutions and make choices about which are the best to pursue based on learnings in the Understand phase.

Our Framework

Build & Test.

This phase is critical in developing the right solution to our customers’ problem. An organized approach to testing can help avoid rework and create exceptional outcomes. Starting small and testing the solution, we iterate quickly, before deploying solutions across the entire project.

Our Framework

Act.

During this phase, the hard work of prior phases comes to life in our customers’ best solution. The research, collaboration, and testing performed prior to project kick-off ensure optimal results.

Our Framework

Feedback.

At the project completion, we convene all stakeholders to discuss what went well, what could have been better, and how we might improve going forward. We call these meetings “Retrospectives,” and we perform them internally as a project team, and with our external customers. The Retrospective is one of the most powerful, meaningful tools in our framework.

Next