Security-by-design is our approach at Clarilis

Enterprise-level GDPR-compliant security, with the flexibility and simplicity of a cloud-based solution.


Your data and documents are stored and accessed securely

Clarilis is a web-based system accessed via a browser, which connects to dedicated servers hosted in a secure Tier 3+ data centre located in the UK (GDPR-compliant).

Enterprise security, cloud flexibility

  • Clarilis is ISO27001:2013 certified by BSI across the entire company.
  • All requests are logged and verified, including IP addresses.
  • User level authority checks are performed to restrict access to particular document suites and drafts.

Secure physical environment

  • Clarilis’ dedicated servers are hosted in a secure Tier 3+ UK data centre (GDPR-compliant)
  • Security includes 24/7 security staff, fencing, HD CCTV, and biometric systems.
  • The data centre is also ISO27001-accredited (verified) and has a 99.9% guaranteed uptime SLA.

Encrypted communication

  • Clarilis’ dedicated servers are hosted behind a secure firewall. All access is via encrypted communication.
  • Secure HTTPS, user authorisation checks, and user authentication checks are standard security features.
  • Protected links are time-limited and encrypted to 256bit AES.

Secure server environment

  • There are separate environments for development, testing, and production.
  • All data is stored on encrypted file systems and backed up every night.
  • The platform is horizontally scalable and active resource monitoring enables agile deployments.
  • If there is an increase in use, the platform can quickly scale to meet demand.

Controlled user access

  • Access can be locked down to a defined list of IP addresses.
  • Access is gained through a SAML2.0 compatible single sign-on (SSO) system or with usernames and passwords.
  • Users are assigned to groups and can be added, removed or deactivated instantly.
  • Any changes in access level require authentication by key stakeholders.

Human resource security

  • All Clarilis staff are subject to a criminal record check (DBS), eligibility check, and reference validation pre-employment.
  • Clarilis employees only have access to services/assets that are required to carry out daily duties. All access is recorded and auditable.
  • No development of the system is outsourced.

Bespoke options

A number of additional security elements can be enabled on request:

  • IP lockdown (only permitting access from particular IP addresses)
  • Configurable user lockout after login failure (CAPTCHA, failure count, unlock timeout, authorisation email)
  • M-PIN (Certivox) integration

See the Clarilis platform in action with a demo

Discover why companies put their trust in Clarilis

Risk management

“From a risk management perspective, the benefits are clear, with updates made quickly and consistently behind the scenes.”

Miri Stickland

Knowledge Development Lawyer at Forsters

Outstanding delivery

“Clarilis has exceeded our expectations in terms of delivery of the solution.”

Sarah Vickery

Head of Knowledge Management, TLT


News and resources

Automating the MCL | Can it help to close the digital divide? |...

3 Steps to LegalTech Success | Clarilis

Report signals upturn in innovation in Canadian law firms