At Clio, we take the security of your data very seriously.
In addition to the measures you can take in your own account to ensure the best security practices possible, Clio has also taken the time to ensure that our product is encrypted and adheres to industry best practices with regards to handling customer data.
View Clio's certifications on the "Security and Reliability" page.
The encryption of the data being transmitted between you and our servers is one of our top priorities. Our SSL (Secure Sockets Layer) encryption, which protects your data in-transit, is provided by Gandi and verified by Norton.
Providers of SSL certificates assure the identity of the website you are visiting by checking references and researching the company before the certificate is awarded. It is important for you to check for a little green lock icon, or "https://", in the address of any website that you might be exchanging sensitive information with.
These SSL certificates are used every time you send data between your computer and the hosting server of a website to ensure the identity of the company or entity you are visiting. Once the website is verified by this certificate, a "handshake" - or initial connection - is made.
During this initial connection, both connections agree to an encryption protocol. This is used to establish a secure connection between the two computers - this is the SSL itself. The data is scrambled in transit in order to protect your information, making it difficult for anyone in the middle to intercept and collect your confidential information.
Clio also uses a combination of software-based encryption, hosting solutions (Amazon Web Services, and Google Cloud Platform), and secure self-encrypting devices, that meet the definition outlined in NIST-800-53 SC-28 PROTECTION OF INFORMATION AT REST.
Ensuring the website you are using is free of malware or other harmful vulnerabilities is another factor Clio actively addresses by being certified by McAfee Secure.
This certification means that we have been tested by McAfee and have proven to be free of malware and any other malicious information, have an active SSL certification, and no incidents of phishing (attempts to acquire sensitive information).
The confidentiality of your data within your Clio account is another priority of ours, and as such we've been certified by TRUSTe.
TRUSTe was founded in 1997 and certifies companies who are in compliance with the requirements of their data confidentiality program. Among these are specific requirements regarding transparency and accountability of data collection and use.
For both our North American and European Union customers, we have geographic redundancy in place. This means that we have multiple servers backing up your data in real time.
In the unlikely event of a server failure or loss, this means that your data will still be accessible to you. However, while we do have these measures in place, it is important, and often an ethical consideration, to retain local backups of your data. For information on how to retrieve your data from Clio for the purposes of a local backup, see the "Exports and Permissions" article.
You also have the option of setting up a data escrow account to an Amazon S3 bucket, which is a more automated process.
Login throttling is the feature by which a certain number of failed login attempts results in an automatic wait time before you can attempt logging in again.
All sensitive communications, including those involving Credit Cards, are secured using SSL encryption to ensure that the privacy and security of your information is protected.