...
Offline appliances simply reject any login attempts from outside your network (technically, they reject any network connection at all). However, this is not particularly convenient when you are at client's premises or in a courtroom. Online access allows full access to Wise Owl Legal from anywhere on the Internet. To reduce the possibility of a malicious hacker gaining access, the following procedures are implemented:
Only trusted computers and web browsers are allowed to login. When you first login from an untrusted computer or browser, you will be required to enter a code.
Codes are generated either on your mobile phone or sent via email. If a hacker attempts to access your account, even if they know your password, they need access to your email or phone as well. This is called two factor authentication, because you need two things to login (your password and access to your email / phone).
SSL Certificates and HTTPS
...
Finally, in the event an attempted or actual security breach does occur, Wise Owl Legal appliances keep multiple logs of resource access. In particular, we are very careful to log information about login attempts (successful or otherwise) including the web browser used, and IP address.
Logs include:
Low level web server logs (only accessible by Wise Owl Legal Helpdesk staff)
Appliance level system logs (accessible from the Tools page)
Audit logs (accessible from the Tools page)
Profiling and metrics (access level TODO)