How we secure data and media, our AWS infrastructure & compliance posture, and the network rules recommended for best call quality.
Application & User Data
All access over HTTPS (TLS 1.3/1.2); credentials are hashed.
Optional 2-factor authentication (SMS).
Event access controls: each attendee receives a unique code to enter the room; access can be revoked any time.
Minimal PII (name, email, phone). Users may request changes or deletion; we never sell data.
Streaming Security (WebRTC)
DTLS secures data channels; SRTP provides encryption, integrity, and replay protection for media.
Device access (camera/mic) is explicitly permissioned and controlled by the browser.
Exhibits
Uploads/downloads over HTTPS.
Encrypted storage in Amazon S3 with access controlled by the account and file owners.
Users authenticate before accessing exhibits; deletion is supported.
Infrastructure & Compliance
Hosted on AWS (primary us-west-2, DR us-east-1).
EC2
VPC
EBS (encrypted)
KMS
SES
S3 (encrypted)
IAM
CloudWatch
Inspector
Uses HIPAA-eligible AWS services; modern TLS in transit and encrypted volumes at rest.
Firewall Rules
Most users are able to connect to LiveLitigation without any special network configuration. However, if your organization uses a strict firewall that only allows whitelisted traffic, you may need to allow specific IP addresses and ports. Please Contact Support for the current allowlist and configuration details tailored to your network environment.