Litigaze's security team uses industry best practices and frameworks to keep data secure. Our approach focuses on security governance, risk management and compliance. This includes encryption at rest and in transit, network security, administrative access control, system monitoring, and more.
Litigaze forces HTTPS for all services using TLS (SSL), including our public website and our Litigaze App.
We regularly audit the details of our implementation:
All passwords are encrypted at rest with a PBKDF2 algorithm with a SHA256 hash.
We maintain separate and distinct production, staging, and development environments for Litigaze.
Litigaze does not process payments or store credit card details. All payments go through our partner, Stripe, which is a leading global payments system that is PCI DSS compliant.
Litigaze production services are hosted on the Amazon Web Services (AWS) platform.
The physical servers are located in AWS data centers.
As at today's date, AWS:
Further details about AWS compliance programs are available from the AWS website.
All user content is stored within US regions of AWS.
All user data stored in Litigaze is protected and access to such data by Authorized Personnel is based on the principle of least privilege.
Only Authorized Personnel have direct access to Litigaze's production systems. Those who do have direct access to production systems are only permitted to view user data stored in Litigaze in the aggregate, for troubleshooting purposes or as otherwise permitted in our Privacy Policy.
Litigaze maintains a list of Authorized Personnel with access to the production environment. Litigaze also maintains a list of personnel who are permitted to access Litigaze code, as well as the development and staging environments. These lists are reviewed regularly and upon role change.
Our security team rapidly investigates all reported security issues. If you you’ve discovered a security bug or vulnerability in Litigaze, please contact us at [email protected]. We ask you to not publicly disclose security issues until we have fully investigated the mater.