Skip to main content
All CollectionsSecurity
Configure security settings for your organization
Configure security settings for your organization

A set of security features that enable legal teams to add further security and confidentiality measures to keep their data in LawVu secure.

Marinelle avatar
Written by Marinelle
Updated over 7 months ago

Security, privacy, and confidentiality are crucial to legal teams, and our team here at LawVu ensures that we adhere to the highest privacy standards and security regulations.


These security features will enable your in-house legal teams to gain complete control over their sensitive data from inside LawVu.

In this article:


Two-factor authentication

Enabling this feature will require all users within your organization to be authenticated with an additional one-time password sent via email when they log in.

To know more about this, click here.


External communication

We have applied stricter security settings to prohibit sensitive information from LawVu from being shared with any third parties via email by disabling external communication.

Organization administrators can enable or disable this functionality by going to Organization Settings > General Settings > Security.

When disabled, this will:

  • Remove the email address of a matter, contract, or associated conversation from any email correspondence.

  • Eliminate the option to share files by sending them via email. Users will no longer be able to share a contract document or a file within the 'Files' tab of a matter by sending them via email. This will also remove the option to add email recipients from Conversations.


Logout inactive users

You can layer on security and data protection by logging users out after a certain inactivity period.

The timeout inactivity feature is available for all organizations, and you can reach out to your CSM if you want this enabled for your org. (Note: If you choose not to, the settings are set to default. Users will be logged out after 24 hours of inactivity.)

Once we enable the feature for you, Administrators can go to Organization Settings > General Settings > Security and choose to enable or disable "Logout inactive users" and/or adjust the default inactivity periods accordingly (as shown in the clip below):

The timeout period for inactivity can be aligned based on the organization's specific security policy from a minimum of 15 minutes to a maximum of 12 hours. When not enabled, the settings are set to default - users are logged out after 24 hours of inactivity.


Compliance Security

Compliance Security is a set of standard settings aimed at ensuring the privacy of data. If Compliance Security is enabled, then tighter security settings are automatically applied without the option of switching them off.

Having Compliance Security turned on for your organization will:

  1. Permanently disable external communication

    This will remove the email address of a matter, contract, or associated conversation from any email correspondence and eliminate the option to share files by sending them via email.

  2. Enforce timeout inactivity

    The Logout inactive users setting will be enabled by default, but you will still be able to adjust the timeout period based on the organization's security requirements.

  3. Restrict information on email notifications

    All information, such as the matter or contract name and the content of conversations/assignments on email notifications, will be automatically removed.

To enable Compliance Security for your organization, please reach out to your CSM or Implementation Manager.


Email security

LawVu utilizes Sendgrid for external email from our product. For each geographically isolated stack of our product, a discrete Sendgrid configuration is utilized as detailed below. Please note that the Sendgrid instance itself is not paired to the same region, as outlined in our Subprocessor list. Some organizations opt to have the emails generated to be generic notifications and omit any matter or contract details.

LawVu Product Email Hostnames

The following are the email service hostnames associated for each LawVu geographical stack:

mail.lawvu.com

Australia stack

mail-can.lawvu.com

Canada stack

mail-eu.lawvu.com

Europe stack

mail-us.lawvu.com

USA stack

mail.lawvu-gov.com

USA Gov stack

Email Format

Email notifications generated by the LawVu product are sent using the syntax “id@mail-host”. For example:

The identifier relates to a contract or matter. This email is formed in such a way to mitigate any attempt to manipulate a contract or matter.

Email Security

LawVu implements the following security and authentication measures to ensure delivery of email is as secure as possible:

  • TLS (Transport Layer Security)

  • DKIM (DomainKeys Identified Mail)

  • SPF (Sender Policy Framework)

  • DMARC (Domain-based Message Authentication, Reporting and Conformance)

Email Delivery

In line with industry security practices, all platform emails to and from Sendgrid are mandated to transfer over a minimum TLS 1.2 connection, with full identity verification to ensure that traffic cannot be intercepted.

Did this answer your question?