Is MerusCase Secure?


Yes. In fact, it is more secure than the device you’re using to read this right now.

SSL Protects Your Data

MerusCase keeps all your information fully encrypted and secured so that you never have to worry about your information being accessible to others. We use Secure Socket Layer (SSL) encryption end-to-end, between client and server. You might be asking yourself, what’s that? Well, this basically means that all data passed between your browser and the MerusCase server cloud is encrypted using the same security scheme your bank uses.

The logic behind SSL is very well defined. SSL uses well-known key encryption mechanisms and secure algorithms that cannot be broken by hackers. Technical professionals consider the security behind SSL to be of the highest regard because even those who know how SSL is designed can’t break it!

MerusCase uses this proven technology to ensure the security and confidentiality of all its users’ information. The security offered by MerusCase with SSL is far safer than having a file server sitting in your office because we offer world-class security, firewalls, and encryption maintained by IT professionals for all our customers. We would like to think that the single weak link in our security is sitting between your ears. The strength of your login password is the one thing we can’t guarantee.

Database Encryption

The most sensitive data stored within MerusCase is encrypted at the database level. Even our engineering team cannot see your passwords, social security numbers, payment information, birth dates, or tax ID numbers. All this sensitive information is encrypted using a 256-bit hash that makes these data points effectively more secure than the connection between you and your bank. Even if the perimeter security of MerusCase were compromised, a hypothetical hacker would only be able to retrieve names and telephone numbers from our database.

By contrast, our competitors store these items in plain text. Anyone in your firm with a minimal level of technical expertise can freely steal the identities of your entire historical caseload. That means that your firm’s security is dependent wholly on that $50 Linksys router sitting under your desk. When was the last time you had that audited by an IT professional well-versed in security?

Security: Server vs. MerusCase

Additionally, any remote access services in your office could be a security hole. Whether this “remote access” is for your own application usage, so your IT support staff can perform maintenance, or so that your copy service can deliver documents directly onto your server, this represents yet another access point that can be compromised. Also, have you considered whether the data transfer, once access is granted, is encrypted? It is likely that anyone on the internet can intercept the PDF file you just accessed from your office file server. With MerusCase, you’d have to make a considerable effort to not do this securely. Since MerusCase operates on a web platform without the necessity of a server, you do not have to worry about these issues compromising your confidential information.

Yet another security issue arises if you synchronize data from your file server to your laptop. The local copy you’ve made to your mobile device could walk right into the hands of an identity thief the next time you set your briefcase down to take an important call. With MerusCase, nothing is permanently stored on your personal computer (unless you specifically download or save something, of course).

Finally, while we’re on the subject of security, let us not forget the physical security of your office. Were your building to burn down, your office to be burglarized, or an employee to vandalize your assets, would you be vulnerable? With MerusCase, you can access all your data, safely and securely, anywhere in the world, from any modern web browser. Our servers live in multiple data centers around the country and leverage the resources of Amazon’s tens of thousands of servers. Not only does this prevent sensitive data from getting into the wrong hands, it ensures that your data is always available in the right ones -– Yours.