Esquire Global Security Model

Our global security model consists of layered and interlocking physical, digital, and procedural components to manage risk.

Designed in Security

At Esquire, we’re mindful of the information security challenges created when maintaining and accessing sensitive documents online. We have established a layered physical, digital, and procedural risk management framework to protect the network, safeguard all client data end to end, and support your compliance obligations. Our state-of-the-art information security infrastructure aligns with, and in many areas exceeds, the model cybersecurity practices produced by the Association of Corporate Counsel (ACC).

Esquire designed its infrastructure to provide the most secure legal services in the industry. Client data is encrypted end to end, in transmission, and at rest on workstations, laptops, servers, mobile devices, and video and audio streams, including transcript processing and delivery. Information is further secured with consistently updated, system-wide automatic threat detection and data loss prevention software.

We believe designing security into every aspect of the platform provides the most secure collection, transmission, and management of transcripts, exhibits, and videos in the industry. You can be confident about accessing sensitive documents online with Esquire’s information security technology.

Global Security Model 

To enhance our infrastructure security posture, we engineered our hybrid-cloud infrastructure, implemented strong, centralized access control, and reduced the number of applications supporting operations. All client data is encrypted end to end, in transit, and at rest. Esquire’s secure online delivery platform is PCI DSS certified and HIPAA compliant.

At the core of the global security model is centralized role-based access control (RBAC) enforced for all users. RBAC provides automatic separation of duties, the least privilege by default, and complete user access audit trails. Esquire selected NetSuite as our platform for its built-in RBAC security model and the ability to record and audit every action taken within the system. Esquire understands the role auditable processes play in protecting—and documenting for policy and compliance—our clients’ data integrity.

Esquire’s flexible data protection framework made it easy to update our Privacy Policy and Security Standards to meet the new European Union General Data Protection Regulation (GDPR) privacy standards. The solutions reside within a hybrid-cloud infrastructure utilizing best-of-breed vendors who are ISO 27001 certified and undergo annual SSAE 18 SOC 2 audits for service organizations. Esquire reviews the controls detailed in these audits annually to verify data protection standards and to ensure those vendors’ controls provide secure, continuous data availability with resilient backup and recovery capability.

Esquire Global Security Model Graphic

Ongoing Commitment

Esquire recognizes that safeguarding your data requires an ongoing commitment. We continue to invest in people, processes, and best-of-breed network and application security solutions.

Our three cloud computing partners, Amazon Simple Cloud Storage Services (AWS S3), Box.com, and NetSuite business management software, already embed world-class security and data protection into our platform. Esquire continuously evaluates and augments these services with additional security solutions configured according to industry and vendor best practices.

Esquire also understands the critical role of consistent security training for employees—and our partners. We provide quarterly training for all employees and new hires via Proofpoint Security Training. To reinforce and test the effectiveness of that training, Esquire runs regular phishing simulations for employees and has a program to follow up with those who require additional security awareness remediation.

Esquire Has You Covered

Esquire stands ready to be your partner in safeguarding your data. We are confident in our approach to protecting your data and are willing to be transparent with our processes and controls. Esquire doubles down on our security and compliance commitment by regularly reviewing our written Security Policy, Incident Response, and Business Continuity Plans and by making that documentation available for review with our clients.

You can be confident Esquire has the security of your depositions and your client data covered.