Let's talk about your legacy (505) 424-8799

SECURITY

Introduction 

Security is our top priority because we are collecting data and storing information to assist an attorney and fiduciary in establishing the value of the estate; the information we collect allows the software application (“application”) to build an electronic vault using its proprietary data collection protocols. During estate administration, the fiduciary is responsible for locating assets comprising an estate, maintaining the estate’s value and preventing identity theft of their client and/or the decedent potentially allowing others to decrease the estate’s value. 
In order to protect the value of the estate the application protects and secures access to the data, documents and identifiers that permit access to the data, documents, digital assets and electronic records of the decedent’s estate. When building an electronic vault, user-entered data and scanned documents represent the ‘paperwork’ about the estate’s components. Identifiers represent the credentials needed to convince any custodian that they, the government or private custodian, is maintaining records belonging to the decedent. 

Data and Document Security

Client data or basic information includes name, address, date of birth, mobile and landline numbers. Client contact information includes emergency contacts’ name, relationship and communication keys. 
Client documents include any scanned information that is pertinent to the estate such as driver’s license, passport, credit reports, financial account statements, investment documents, stock certificates, tax bills, utility bills, vehicle registration, insurance cards, policy declaration pages and the like. 
Client documents can also include spreadsheets of valuable collections (art, instruments, automobiles, firearms), agreements covering rental property, family heritage pages, photo albums, family trees, manuscripts and a variety of files that the client is keeping for financial or other reasons. 
Client documents can also include trust documents, powers of attorney, wills, health directives, memorial and end-of-life wishes. There is no limit to the number or size of documents that can be stored in a client’s electronic vault. Video files are not supported.

Credentials Needed for Custodian Notification (Estate Resolution).

Client credentials for each custodian (business, government agency, company files and the like) are stored in categories and sub-categories. Credentials are associated with records held by custodians; credentials include an identifier that will be presented to the custodian during estate resolution. These are the ‘user-ids’ needed by the custodian for them to locate the records they have on file belonging to the individual. During estate administration, user-ids are usually sufficient without the need for passwords to gain access to the data that custodians are maintaining for the decedent.
Client credentials for financial institutions are usually the account numbers and account manager (broker, financial advisor, insurance agent), email addresses for merchants, full name and most current address for government agencies. Since the application is not interested in accessing the data, no passwords or social security numbers are required and therefore no passwords or security numbers are stored.

Security Protocols

Our standard deployment provides a secure infrastructure and multiple layers of firewalls. We use Microsoft’s Azure Service Fabric and Classic Cloud Services to host our platform. The .NET technology stack is deployed for our application with ASP MVC for the front end.
The middle tier of the application uses WCF and Web API distributed services; and the data is stored in Microsoft SQL databases. Customers utilize the same middle tier and front ends however each customer has their own isolated data store.
The general architecture utilizes distributed services with subsystems for OAuth authentication, logging, document management and external email and text communication.
Data encryption and separation occurs immediately as entered by the user and before transmission to the computer storage devices. Once it reaches the cloud, it is encrypted again before its final storage in SQL databases. Data, documents and user credentials are separated by the application to provide another layer of security.
Sensitive data in the database is encrypted individually at the field level and can only be viewed through the system. Documents are encrypted at the binary level in storage. The application is designed in such a way that even those with full access to our Azure resources cannot read any data.
The databases and middle tier services are locked down by IP address and can only be accessed by other resources from within the Legacy Concierge system. The single point of entry into the system is an API which the portals use to communicate. This API is only accessible by a short-term token issued with a valid username and password. Optional two-factor authentication is offered to further secure this token.
We recognize that security of the personal data stored on our platform is critically important. In order to ensure security, we implement PCI-like standards routinely testing our platform to make sure it is secure. Architectural and system diagrams can be sent upon request.

Client Concerns and Assurances

Clients can expect their professional teams to secure any and all information that is provided during their engagement. Three obligations all lawyers owe all clients: the duty of loyalty, the duty of care, and the duty of confidentiality are supported. Professional teams collect much personal information as part of their business relationship and may use several computer applications to keep the client’s information private. Legacy Concierge is another application in the professional’s toolkit. 
If you desire more information about the application’s security, please do not hesitate to contact us at security@legacy-concierge.com.

© 2020 Legacy Concierge LLC