How we handle your documents (and why it matters)

February 10, 2025

You're uploading client files to our system. Privileged communications. Case strategies. Documents that could tank a deal or lose a case if they leaked. We take that seriously.

This isn't a marketing page about "best-in-class security". It's a technical explanation of what we actually do and why.

The basics: where your data lives

Everything runs on AWS infrastructure in EU datacentres (Frankfurt and Ireland, with failover). Flynn Bundy, one of our founders, spent seven years at AWS building exactly these kinds of systems. That background shaped how we architected Andri.

Encryption at rest and in transit. Every document is encrypted using AWS KMS with keys unique to each document. Not one key for your firm, not one key per case—each file gets its own. When you upload, it's encrypted before it hits storage.

No shared indexes. This is important. Most AI systems that work with documents create shared vector indexes—your data gets mixed into the same embedding space as everyone else's. We don't do that. Each case gets its own isolated index. When you delete a case, that index is destroyed. There's no cross-contamination between clients, between firms, or between cases.

Access controls that make sense for law firms

User-level permissions. Who can see what case? Who can edit? Who can only view? This maps to how firms actually work—partners with full access, associates with case-specific access, support staff with document-level permissions.

Audit logging. Every access is logged. Who opened what document, when, from where. If a client asks "who's seen this file?", you have an answer.

Time-limited sharing. Need to share a document with counsel? You can set an expiry. After 7 days, 30 days, whatever you specify—access revokes automatically.
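
An added example, not Andri's code: one way a service could enforce the expiring shares and per-access audit records described above. The HMAC token format, the function names and the in-memory log are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key; a real service would load this from a secrets manager.
SIGNING_KEY = b"constructed-demo-key-not-a-real-secret"
AUDIT_LOG = []  # stand-in for an append-only audit store


def _sign(payload: bytes) -> str:
    return hmac.new(SIGNING_KEY, payload, hashlib.sha256).hexdigest()


def issue_share(doc_id: str, recipient: str, ttl_days: int, now: float) -> str:
    """Return a token bound to one document, one recipient and an expiry time."""
    claims = {"doc": doc_id, "to": recipient, "exp": int(now + ttl_days * 86400)}
    payload = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    return payload.hex() + "." + _sign(payload)


def open_document(token: str, doc_id: str, source_ip: str, now: float) -> bool:
    """Check signature, document binding and expiry; log every decision."""
    decision, who = "deny:malformed", None
    try:
        payload_hex, sig = token.split(".")
        payload = bytes.fromhex(payload_hex)
        # Constant-time comparison so the check leaks nothing about the signature.
        if not hmac.compare_digest(sig, _sign(payload)):
            decision = "deny:bad-signature"
        else:
            claims = json.loads(payload)
            who = claims["to"]
            if claims["doc"] != doc_id:
                decision = "deny:wrong-document"
            elif now >= claims["exp"]:
                decision = "deny:expired"
            else:
                decision = "allow"
    except (ValueError, KeyError, TypeError):
        pass  # unparseable token: keep "deny:malformed"
    # Denials are logged as well as successful opens: who, what, when, from where.
    AUDIT_LOG.append({"ts": int(now), "doc": doc_id, "who": who,
                      "from": source_ip, "decision": decision})
    return decision == "allow"
```

Expiry is evaluated on the server at every access, so a copied link stops working at the deadline without any action by the sender.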

Why this matters more than you might think

Law firms are targets. Client data is valuable. And the professional obligations around confidentiality aren't just ethical—they're regulatory. SRA requirements in the UK, bar rules in the Netherlands, GDPR across both.

Traditional legal document storage often runs on ageing infrastructure with manual security patching and limited redundancy. Cloud-native architecture means automatic updates, geographic redundancy, and recovery capabilities that on-premise systems can't match.

But the real reason we built it this way: trust. If you can't trust that your client's documents are secure, you can't use the system for real work. And if you can't use it for real work, what's the point?

What we're adding

Security isn't a feature you ship once. We're continuing to build:

  • SOC 2 Type II certification (in progress)
  • Additional audit capabilities for larger firms
  • Client-managed encryption keys for firms that want them
  • Enhanced monitoring and alerting

If you have specific security requirements or want a detailed review before onboarding, reach out. We're happy to walk through the architecture with your IT team or information security officer.