We take data security seriously.

Airport Lawyer is designed to meet or exceed best practices in data security for lawyers (even though we are not a law firm). Our app was designed, and is hosted by Neota Logic, a leading legal technology company based in New York. Our team includes Joshua Lenon, a data privacy and data security expert at Clio - the world's largest digital law practice management company.

 

Security and Reliability at Neota Logic

Security of customers’ data and reliability of service are core standards at Neota Logic. Key elements of our approach are summarized here. Details are available upon request by email to our Chief Information Security Officer.

The Neota Logic System (“NLS”) is provided as a Platform-as-a-Service and can be hosted around the world in any of the Amazon Web Services (“AWS”) regions—US, EU, APAC, Canada, and others.

NLS is designed and configured at AWS for security, fault tolerance, high availability, and easy scaling to assure good performance at high levels of use.

Data is encrypted in transit via https/SSL and Transport Layer Security (TLS) and encrypted at rest via continuous encryption of the PostgreSQL database that manages all elements of NLS operations and applications. Data storage is configurable for compliance with regional data privacy laws as well as customer-specific requirements.

With the Neota Logic Hybrid Cloud Option, customer data may be stored (1) in Neota Logic-managed databases in our Virtual Private Cloud (“VPC”) at AWS, or (2) in customer-managed databases in their own VPC’s at AWS or Microsoft Azure or in customer-controlled data centers. Policies and procedures for information security as well as all other aspects of technical operations are ISO 27001-aligned. We conduct periodic internal audits to verify compliance.

Penetration testing is conducted periodically by independent security experts, and are subject to audit by customers’ information security teams.

Complex passwords are required, and must be changed at intervals. Multiple failed logins within a set time period result in administrative lockout of the account.

Multi-factor authentication is available via Active Directory Federated Services.