In the Security and Reliability Support Article we cover what security measures Clio takes as a company to ensure the safety of your data from theft and loss. Below you will find more information on how you can take advantage of the advanced security features Clio has to offer.
Two-factor authentication is a mechanism that requires users to provide two different means of identification when logging in. When you enable two-factor authentication in Clio, users will be required to log in with their Clio password and a random numeric code generated by the Google Authenticator application which is available for iPhone, Android, and BlackBerry. This essentially ensures you are who you say you are, as someone pretending to be you would need both your Clio password and access to your email account.
The Clio Mobile App can be used on iOS devices, together with Google Authenticator, to provide single-click access without compromising security. See here for more information.
Two-factor authentication is a strong and highly recommended security feature for Clio customers. For more information on setting up two-factor authentication, read our Two-Factor Authenticator with Google Support Article.
It is easy to forget, but mobile devices are easy to lose or be stolen, even if it is always with you. Having a passcode that locks your device as a whole is essential, and the Clio apps for both iPhone and Android have a mobile PIN feature you can enable that requires you to enter a four digit code every time you open the app.
Additionally, having a locater service connected to your phone or other mobile device is a good way to find it should it be lost or stolen.
Account permissions are an important consideration when inviting a new user to your Clio account. Does this individual need access to Billing, Reporting, or Accounts? Should they be a full Administrator who can also manage your Clio subscription? Or should their access be limited to only what they really need to interact with, such as Matters and Contacts?
It's important to think about the roles people play in your firm and how that translates to your account with Clio.
Groups are a great feature that gives you the ability to assign types of users into designated categories. For many firms, the groups may be "Partners", "Attorneys", "Paralegals", or "Assistants".
But those aren't the only possible groups, it really is up to you! Many Clio customers also create groups based on practice area or billing type, or even location. And people can also belong to more than one group.
Groups remove access to Matters and Activity Descriptions, thereby protecting sensitive information they should not have access to, and for other firms it also acts as more of a filtering mechanism if they have a lot of data.
Clio Connect is the secure client portal connected to your Clio account that a client or co-counsel can access once you have shared a resource with them. Shareable resources include Documents, Calendar Entries, Tasks, Communications and more. More can be read about Clio Connect in our Clio Connect Resources.
Many of our customers utilize this service within their own Clio accounts, and we recommend that those doing so perform an review on a regular basis, in an interval you are comfortable with, where you go through all of the resources you have shared to determine if that is still required.
The best way to find all of the resources shared across your account is by going to Settings > Clio Connect & Sharing. Other ways to view the shared resources for a particular contact or matter can be read about in our "Viewing the Resources you've Shared via Clio Connect" Support Article.
You can also take advantage of our feature within the Security settings in Clio to check what IP addresses your users are accessing your Clio account from.
This is a great habit to develop when it comes to monitoring your account security, as it will allow you to quickly be able to determine if someone is accessing Clio from an unusual location.
Note that all users who choose to remain logged in to Clio will have their login session expire automatically after 30 days, at which time they will be required to log back in to Clio.
If you are interested in keeping tabs on what kind of activity the other users in your Clio account get up to, or potentially tracking down the source of a modified Matter or other resource, then the Firm Feed is a great place to start.
By doing a regular check of the activity in Firm and Matter feeds, you can ensure you are on top of what is going on in your account.