Below is a brief overview of our data management strategy.  Keep in mind that LeanLaw is a plug-in to QuickBooks Online.  This means that the majority of your data would permanently reside in QuickBooks Online and their server architecture. 

All data is encrypted "in motion" when transferred between LeanLaw's systems and other systems including the user's browser and third-party systems such as QuickBooks Online. The encryption is done with standard web encryption (HTTPS/TLS). LeanLaw also encrypts some sensitive data "at rest" including user credentials such as passwords and credentials for accessing QuickBooks online accounts using AES-256 encryption. Payment information is not stored or known to LeanLaw but managed by Stripe, a third-party payment provider.

When authenticating in LeanLaw, you do have the option of credentialing via a Google, Intuit or Office365 account. With all three of those entities, you can use two-factor authentication.  We don't offer that option for users who choose to use a LeanLaw username and password. 

We follow best practices and standards as much as possible. 

Legal Cloud Computing Association (LCCA) is an organization whose purpose is to facilitate adoption of cloud computing technology within the legal profession, consistent with the highest standards of professionalism and ethical and legal obligations.  The organization’s goal is to promote standards and guidelines for cloud computing that are responsive to the needs of the legal profession and to enable lawyers to become aware of the benefits of computing resources through the development and distribution of educational and informational resources.

Data and Location

The following information is stored by LeanLaw systems:

Where is it located?

LeanLaw does not have geographic redundancy in the production database.

Microsoft supports the following standards in the Azure platform: