As a security professional, it’s your responsibility to choose solutions that minimize risk to your firm. The timekeeping software that you choose could determine the likelihood of those risks becoming reality.
iTimekeep is designed to help firms of all sizes better protect their clients’ data and their own reputation by mitigating the most common threats and applying best security practices every step of the way.
No Data Stored on Mobile Devices:
it is a fact of life that mobile devices are lost or stolen very frequently. Quickly evolving legislation and ABA guidelines puts law firms in the unenviable position of having to notify clients every time this happens. The only surefire way of avoiding these embarrassing calls with your clients and protecting your firm’s reputation is to avoid storing client data on a mobile device. iTimekeep never stores client data on devices, which preserves your firm’s reputation, protects your attorneys from themselves, and keeps cyber-insurance rates from growing astronomically.
Private Network Protection:
Every single mobile device which contains the secret keys providing access to your internal private network increases the risk of a data breach, especially when the device could be infected by malware. We designed iTimekeep so that user devices connect only to our servers and not to your network, so your firewall can remain closed and fully protect your client’s confidential data.
Your Client Data, Where It Belongs:
With iTimekeep, your client, matter, and timecard data resides in your accounting system, where it is most secure. iTimekeep’s competitors will force you to replicate this data onto a separate database, which would have to be protected separately and creates more avenues for data exposure.
Full Data Integrity:
With iTimekeep, any changes made by staff in your accounting system will be visible to your attorneys on their mobile device. Avoid risk and compliance issues that may arise when attorneys work with stale data and do not have the latest and most accurate information available.
Touch ID or PIN:
IT Administrators can require Touch ID or PIN verification on every single use of iTimekeep, even on personal devices that may not be protected by MDM or additional security mechanisms. IT Administrators can rest assured that client data will not be accidentally viewed by family members or other unauthorized users.
There are over 156 million phishing emails sent each day, claiming 80,000 daily victims. Don’t think your attorneys are immune. iTimekeep requires two-factor authentication out of the box, so even a set of compromised credentials would not be sufficient for a successful attack since any device the attacker would use would have to be verified by the true account owner. As an added layer of protection, an email notification will let the true account owner know immediately if and when a new device is registered under their account.
Verified by VERACODE:
Every new release of iTimekeep is run through VERACODE’s leading application security analysis engine. Security and compliance in today’s environment is tricky. Do not simply trust that your vendors are well-versed on it.
Hosted by Microsoft Azure:
Segregated networks, multiple firewalls, SSL-encrypted connections, databases encrypted at rest, geo-redundancy, disaster recovery, Microsoft security monitoring, 3rd party daily vulnerability scanning. Background checks for Bellefield employees. Law Firms, Government Organizations and Accounting Firms trust iTimekeep’s security to keep their data safe.
Both in-flight and at rest. We only use SSL-encrypted communications with 2048-bit certificates and secure ciphers and protocols. All our databases are encrypted at rest and the encryption keys are automatically managed and rotated by Microsoft every three months. Bellefield employees do not have access to the encryption keys.
According to recent studies, the top three causes for mobile security incidents include lost/stolen devices containing client data, mobile malware, and employees disabling or working around security features. These risks are particularly acute in BYOD scenarios where users feel compelled to use their devices however they want to.
Increased cyber-insurance premiums adding unwanted stress and unnecessary costs to your bottom line.
Constant security threats, ever-increasing in sophistication and volume.
Client fallout due to substandard security practices, botched client audits, and lack of speedy client notification after a suspected or confirmed data breach.