Security-by-design is our approach at Clarilis

Enterprise-level GDPR-compliant security, with the flexibility and simplicity of a cloud-based solution.

platform-security-hero

Your data and documents are stored and accessed securely

Clarilis is a web-based system accessed via a browser, hosted on Amazon Web Services ("AWS"). All data is encrypted at rest and in transit.

Enterprise security, cloud flexibility

  • Clarilis is ISO/IEC 27001:2022 certified by BSI across the entire company (Certificate Number - IS 677941).
  • All requests are logged and verified, including IP addresses.
  • User level authority checks are performed to restrict access to particular document suites and drafts.
platform-security-enterprise

Encrypted communication

  • Clarilis’ servers are hosted behind a secure firewall. All access is via encrypted communication.
  • Secure HTTPS, user authorisation checks, and user authentication checks are standard security features.
  • Protected links are time-limited and encrypted to 256bit AES.
platform-security-encrypted

Secure server environment

  • There are separate environments for development, testing, and production.
  • All data is stored on encrypted file systems and backed up daily (minimum).
  • The platform is horizontally scalable and active resource monitoring enables agile deployments.
  • If there is an increase in use, the platform can quickly scale to meet demand.
platform-security-server

Controlled user access

  • Access can be locked down to a defined list of IP addresses.
  • Access is gained through a SAML2.0 compatible single sign-on (SSO) system, maintaining your security policy requirements.
  • Any changes in access level require authentication by key stakeholders.
platform-security-controlled

Human resource security

  • All Clarilis staff are subject to a criminal record check (DBS), eligibility check, and reference validation pre-employment.
  • Clarilis employees only have access to services/assets that are required to carry out daily duties. All access is recorded and auditable.
  • No development of the system is outsourced.
platform-security-human

Bespoke options

A number of additional security elements can be enabled on request:

  • IP lockdown (only permitting access from particular IP addresses).
  • Access via username and password where SSO is not used - configurable user lockout after login failure (CAPTCHA, failure count, unlock timeout, authorisation email).
  • M-PIN (Certivox) integration.
platform-security-bespoke

See the Clarilis platform in action with a demo

Discover why companies put their trust in Clarilis

Risk management

“From a risk management perspective, the benefits are clear, with updates made quickly and consistently behind the scenes.”

Miri Stickland

Knowledge Development Lawyer at Forsters

Outstanding delivery

“Clarilis has exceeded our expectations in terms of delivery of the solution.”

Head of Knowledge Management, TLT

Forsters logo
tlt-logo

News and resources

5 tips to keep your LegalTech adoption on track

Clarilis launches an automated Early-Stage Investment Suite

Clarilis | Avail integration