Security - ISO 27001 Certified | Enterprise Ready Platform

Security - We Keep Your Data Safe

Wherever you are in the world.

SECURITY MATTERS

You Value Your Data's Security. We Value Your Trust

Safeguarding your data is paramount, and Lawcadia keeps your data safe with an ISO 27001:2022 certified Information Security Management System (ISMS). This international standard ensures that your data is protected through meticulous third-party security evaluations, rigorous audits, penetration testing, and continuous security enhancements.

By adhering to these stringent protocols, we can confidently secure your data across various geographical locations. The sovereignty of your data is maintained, with the flexibility to access your information seamlessly through shared or private cloud infrastructures.

Book A Demo

PLATFORM PERFORMANCE

Secure & Reliable

Our platform, powered by Amazon Web Services (AWS) data storage, ensures that your information is not only safeguarded but also accessible from any location, at any time.

By leveraging AWS's robust infrastructure, we offer a solution that ensures your data is both secure and easily retrievable. It also provides the peace of mind that comes with knowing your data is protected by the best in the business.

Reliability is important and Lawcadia data is stored safety and securely across multiple geographic locations within each AWS region for redundancy. The data is stored either in Sydney, Australia, London, United Kingdom, or Oregon, United States. The platform is also reinforced with auto-scaling to adjust capacity to maintain steady and predictable performance.

SECURITY CONTROLS

Access Management

Enhancing your legal teams access without compromising security has become simpler with Identity Access Management providers (IAM) and Single Sign-On (SSO). They streamline platform access across your organisation while upholding high security standards.

Lawcadia utilises SAML to exchange authentication and authorisation data between your Identity Provider (IdP) including Okta, auth0, OneLogin, Microsoft Entra ID, Google IdP and our platform. Allowing users to authenticate with a single set of credentials across multiple services.

In addition, we support SCIM (System for Cross-domain Identity Management) for automating the exchange of user identity information and can also enable multifactor authentication (MFA) as another layer of security for administrator roles.

ACCESS CONTROL

Information Barriers

Information barriers are essential controls that prevent unauthorised communication and data sharing between specific teams or individuals, ensuring compliance and safeguarding sensitive information within your legal matters.

Lawcadia uses highly granular permissions so that you have complete control over what data your users can access as well as an ability to lock down matters that are highly sensitive.

Role-based access control (RBAC) further strengthens these measures by assigning permissions based on an individual's role. This ensures employees only have access to the information necessary for their work, reducing the risk of unauthorised access.

INDEPENDENTLY ASSESSED

SecurityScorecard

You can gain a holistic view of Lawcadia’s cybersecurity posture with security ratings.

SecurityScorecard calculates cybersecurity scores based on 10 factors that reflect different cybersecurity practices and risks. Lawcadia has an 'A' grading and consistently out-performs competitors.

SecurityScorecard's trusted and proven security ratings are used by 70,000 companies across the globe.

Security Protocols

Secure Data Encryption

The Lawcadia platform is end-to-end encrypted, with dual layer (Application and Cloud level) data-at-rest encryption using AES 256 and transit layer encrypted with TLS 1.2/1.3.

Frequent Platform Updates & Improvements

Regular platform updates and necessary patches are released in the cloud environment without downtime. Proactively fixing issues as they arise supports continuous improvement and allows for positive and more frequent enhancement cycles.

Multi-Factor Authentication & Single Sign-On

Lawcadia supports and recommends SAML 2.0 single sign-on (SSO). However, where this is not possible, we enforce multi-factor authentication.

Real-Time Monitoring

We monitor our application for real-time health, security, uptime and general event updates using an array of comprehensive monitoring tools, including threat detection and network vulnerability scanning, which feeds into our Advanced SIEM (Security Information and Event Management) system.

Backups & Disaster Recovery

All data is backed up regularly throughout the day and is stored for six months. Lawcadia has a comprehensive disaster recovery plan in place in which various scenarios are tested annually, ensuring a quick recovery from any disruptions should they arise.

Enterprise-Grade Web Application Firewall (WAF)

A cutting-edge advanced WAF (web application firewall) system protects Lawcadia from DDoS (distributed denial-of-service) attacks and other threats, keeping your data safe.

Frequently Asked Questions

What security certification does Lawcadia hold?

Lawcadia holds ISO 27001:2022 certification for its Information Security Management System. This is an internationally recognised standard that requires independent third-party assessment, rigorous auditing, penetration testing and continuous security improvement. It provides assurance that Lawcadia’s security practices meet a defined and auditable standard.

Where is Lawcadia data stored?

Lawcadia data is stored on Amazon Web Services (AWS) infrastructure across multiple geographic locations within each AWS region for redundancy. Data is stored in Sydney (Australia), London (United Kingdom), or Oregon (United States), depending on the region of the organisation. This geographic distribution supports data sovereignty requirements and ensures continuity in the event of a regional disruption.

How does Lawcadia protect data from unauthorised access?

Lawcadia uses role-based access control (RBAC) to ensure users can only access information relevant to their role and responsibilities. Information barriers can be applied at matter level for highly sensitive work. All data in transit is encrypted using TLS 1.2/1.3, and data at rest is encrypted using AES 256 at both application and cloud level. Multi-factor authentication and SSO support further strengthen access controls.

What is Lawcadia's SecurityScorecard rating?

Lawcadia holds an ‘A’ grade on SecurityScorecard, an independent cybersecurity rating platform used by over 70,000 organisations globally. SecurityScorecard assesses security performance across ten risk factors. Lawcadia consistently outperforms competitors in its category.

How does Lawcadia handle disaster recovery?

All data is backed up regularly throughout the day and retained for six months. Lawcadia maintains a comprehensive disaster recovery plan that is tested annually across a range of scenarios. The platform is also hosted on auto-scaling AWS infrastructure, which adjusts capacity to maintain consistent performance and minimise the risk of downtime.

Can Lawcadia meet the security requirements of regulated industries?

Yes. Lawcadia is designed for organisations operating in complex and regulated environments, including financial services, government and healthcare-adjacent industries. Its enterprise-grade security architecture, ISO 27001 certification, granular permissions, and audit trail capabilities are built to meet the requirements of organisations with strict governance and data protection obligations.