Discovery Force | Security

Security

Keeping your case documents, financial and personal information secure and confidential is one of our most important responsibilities. Your information remains secure because our systems are protected in the following ways:

Servers are located in a colocation facility enclosed in their own environmentally controlled locked cage within a locked facility with 24/7 on-site security.
Access to server(s) is restricted to only on-duty technician(s).
Uploaded data is stored on distinct local file server(s).
Data is backed up daily at 1:00 am on different file server(s)
Hardware and software firewalls are in place allowing no remote access except to the web server(s).
Forensically sound methods are used to transfer your data to our system.
keeps an unmodified copy of your data for reference.
Access to view and edit data is controlled by the law firm's designated case management staff. Access to functionality and data is restricted on a user-by-user basis depending on their role on a particular case.
Computer anti-virus protection detects and prevents viruses from entering our computer network systems.
Firewalls block unauthorized access by individuals or networks. Firewalls are one way we protect our computer systems that interact with the Internet.
Secure transmissions ensure information remains confidential.
Any hard media is boxed with tamper-proof security tape and couriered overnight.

We use tunneling and encryption technology to transmit information between you and us. This protects data in two key ways:

Authentication ensures that you are communicating with us, and prevents another computer from impersonating
Data integrity verifies that the information you send to us is not altered during the transfer.

Advances in security technology are constantly evaluated by our experts to ensure that we provide the right protection for you.

In addition, discoveryforce is hosted in a secure server environment that uses a firewall and other advanced technology to prevent interference or access from outside intruders.

Data Integrity
MD5 Hash Values
In cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. As an internet standard (RFC 1321), MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files. An MD5 hash is typically a 32-character hexadecimal number.^[1]

All electronic files are made up of a series of bits that relate to a file's composition and any other attributes that define the file. Based on this composition of bits, a unique identifier can be created for any electronic file.

An electronic function, in this case an algorithm, called MD5 (Message-Digest algorithm 5) can be run against a file to create a unique identifier that is similar to a serial number or a fingerprint of a file. The identifier, referred to as a MD5 hash value, is a unique binary string of alphanumeric characters. Here is an example of a MD5 hash value: 'a900de1a7eebc39ce36fa142f6d51fb0'.

Each time the same MD5 algorithm is run against a particular file, the exact same hash value will be produced thereby ensuring the integrity of the file. If a single bit has changed in the file, then a new MD5 hash value would be returned that would not match the original MD5 hash value and thus indicate that they are different files.

In short, the system compares the MD5 hash value of the original file on the client's machine to the MD5 hash value of the copy that is uploaded to the discoveryforce servers:

The system runs MD5 against the file on the client's system and uploads a unique hash value that is noted in the system.
When the original file is uploaded, the MD5 hash value of the copied file is compared to the pre-upload MD5 hash value from the client's side.
If the MD5 hash values are exactly the same, then the uploaded file is stored on the servers for electronic conversion.
If the MD5 hash values do not match, then the uploaded file is not retained on the servers.

Separate Input/Output Servers
All uploaded files are stored on designated input servers separate from the output servers. The uploaded directory structure mimics the directory structure where the files were stored on the client's computer. For example, if the documents were uploaded from the client's computer under the file path C:/Desktop/Case_One/Case_Files/file_name.extension, then that is how they are stored on the discoveryforce input server. This ensures that the original uploaded copies do not commingle with any other files before, during or after the electronic conversion process.

Read Only Files

During the electronic conversion process a read only copy of a file is accessed by the system by applications that can render them. The original file is then closed, but not saved, thereby maintaining the exact original form of the uploaded file.