Client data is encrypted at rest, scoped to the attorney who owns the matter, and never leaves the workspace it was uploaded to.
Every sign-in opens a short, time-limited session. Each request to your case data is checked against that session and restricted to the matters you own — so a file that doesn't belong to you cannot be opened from your account, and a session that has timed out can't be reused.
1
Sign in
A short, time-limited session opens for the attorney signing in.
2
Session check
Every request to your case data verifies that session is still valid before anything is returned.
3
Owner-only access
Each case and document is restricted to the attorney who owns the matter. A request from anyone else simply returns nothing — not a partial result, not a hidden field.
4
Encrypted storage
Client data is sealed at rest with bank-grade encryption, tamper-evident so any change to a stored value is detectable.
Sign in → session verified → owner-only access → encrypted storage. Defense at every layer.
The controls in place
✓Encrypted at rest, not just hidden. Sensitive client data is sealed with bank-grade encryption — and tamper-evident, so any change to a stored value is detectable, not just unreadable.
✓Strict per-matter access. Each case and each member belongs to the attorney who owns the file. The system enforces that boundary on every request — there is no path by which one firm's data can surface inside another firm's view.
✓Sessions time out by design. Sign-in sessions are short by default, and repeated sign-in attempts are rate-limited — so a borrowed laptop or a forgotten browser tab doesn't stay an open door.
✓Archived means archived. Closed and archived cases are excluded from your active workspace automatically — no accidental access to a retired file, no risk of pulling old data into a current matter.
