Security-by-design is our approach at Clarilis

Enterprise-level GDPR-compliant security, with the flexibility and simplicity of a cloud-based solution.


Your data and documents are stored and accessed securely

Clarilis is a web-based system accessed via a browser, hosted on Amazon Web Services ("AWS"). All data is encrypted at rest and in transit.

Enterprise security, cloud flexibility

  • Clarilis is ISO27001:2013 certified by BSI across the entire company (Certificate Number - IS 677941).
  • All requests are logged and verified, including IP addresses.
  • User level authority checks are performed to restrict access to particular document suites and drafts.

Encrypted communication

  • Clarilis’ servers are hosted behind a secure firewall. All access is via encrypted communication.
  • Secure HTTPS, user authorisation checks, and user authentication checks are standard security features.
  • Protected links are time-limited and encrypted to 256bit AES.

Secure server environment

  • There are separate environments for development, testing, and production.
  • All data is stored on encrypted file systems and backed up daily (minimum).
  • The platform is horizontally scalable and active resource monitoring enables agile deployments.
  • If there is an increase in use, the platform can quickly scale to meet demand.

Controlled user access

  • Access can be locked down to a defined list of IP addresses.
  • Access is gained through a SAML2.0 compatible single sign-on (SSO) system, maintaining your security policy requirements.
  • Any changes in access level require authentication by key stakeholders.

Human resource security

  • All Clarilis staff are subject to a criminal record check (DBS), eligibility check, and reference validation pre-employment.
  • Clarilis employees only have access to services/assets that are required to carry out daily duties. All access is recorded and auditable.
  • No development of the system is outsourced.

Bespoke options

A number of additional security elements can be enabled on request:

  • IP lockdown (only permitting access from particular IP addresses).
  • Access via username and password where SSO is not used - configurable user lockout after login failure (CAPTCHA, failure count, unlock timeout, authorisation email).
  • M-PIN (Certivox) integration.

See the Clarilis platform in action with a demo

Discover why companies put their trust in Clarilis

Risk management

“From a risk management perspective, the benefits are clear, with updates made quickly and consistently behind the scenes.”

Miri Stickland

Knowledge Development Lawyer at Forsters

Outstanding delivery

“Clarilis has exceeded our expectations in terms of delivery of the solution.”

Head of Knowledge Management, TLT


News and resources

Is there a role for DocAuto in law firms in the age of GenAI?

The Creation of Real Estate Plus

The Digital Drafting Mentor: Why Clarilis is becoming a critical...