About the solution

Security

Security is our highest priority

Security is a top priority at Proceedy and is considered a key part of company culture. We develop our software after the well known principles of “Privacy by design”.

All of the Proceedy Timeline infrastructure is hosted at Azure cloud in the EU. For more information regarding their security practices, please visit their security website. security website.

Application Security

Battle Tested Frameworks

Proceedy Timeline uses de-facto web application frameworks to ensure the integrity of communication between the client and the server. Techniques include:

  1. XSS protection
  2. CSRF protection
  3. Oauth 2 security framework (JWT token)
  4. Audit logging

Password Hashing

Passwords are never stored in plain text. They are all hashed before storing in the database and handled by specialized security software.

Virus and Malware Scanning

All files loaded into Proceedy Timeline are automatically scanned for viruses and malware.

Network & Storage Security

Encryption in Transit

All external and internal communication requires encryption via TLS. All of our web servers require an SSL connection from end users in order to access the application.

Encryption at Rest

All stored data is encrypted when written to disk. In the case of a physical security breach, the attacker would have no way of reading client data.

Operations

Agile Development with Code Review


Proceedy Timeline adheres to an agile methodology of development. Code is subject to automated testing for security and integrity. After automated testing, code is reviewed and signed off on by another engineer for security and integrity. Then the code is tested for quality in a test environment. The code is allowed to be released only when all previous steps are completed. Every change is audited and traceable at all times.

Backups & Recovery

All data stored within Proceedy Timeline is automatically backed up on a daily basis and retained for an extended period of 7 days. In the case of a disaster recovery scenario, this data can be used to restore the application back to the last known operational state.

Employee Equipment

All employees are issued a company laptop that is returned upon termination. Every employee laptop has disk encryption enabled to prevent theft from compromising the system.

Employee Access

All access is given under the principle of least privilege. This access is revoked upon employee termination. Where available, two factor authentication is required for all work applications. Access is monitored and audited.

Account Security

Two Factor Authentication

Every user account has two factor authentication enabled to add an additional security layer to your account. Every time the user logs in with username, password and a one-time login code to access your data.

Permissions Levels

Every customer administrator within Proceedy Timeline can control who has access to data. This ensures privileged and confidential information stays that way, while allowing the user to invite collaborators.

Audit Tracking

Every time you log into Proceedy Timeline, a unique "session" tied to your web browser and changes to data is logged for audit purposes.

Curious about the law business of the future?

Contact us and learn more!

Find us here

Contact

Socials