Security Settings

Understanding security options and best practices for protecting your account

Last updated 4 months ago

Security Settings

Protecting your Whisperit account is essential when handling sensitive legal documents and confidential client information. Understanding and properly configuring your security settings helps maintain the integrity and confidentiality of your work.

Why Security Matters for Legal Professionals

As a legal professional using Whisperit, you handle:

• Confidential client communications and documents • Privileged legal information protected by attorney-client privilege • Sensitive case details and strategic legal work • Personal data subject to privacy regulations • Documents that may be subject to ethical obligations

Proper security practices protect you, your clients, and your professional reputation.

Accessing Security Settings

Whisperit's security features are integrated throughout the platform:

  1. Click the menu icon in the top left

  2. Select Settings from the sidebar

  3. Navigate to security-related options including: • Change Password • Change Email • General account settings

Password Security

Your password is the primary defense for your account.

Password Best Practices:

• Use a strong, unique password (minimum 12 characters) • Include uppercase and lowercase letters, numbers, and symbols • Never reuse passwords from other accounts • Avoid common words, names, or predictable patterns • Don't share your password with anyone • Change your password if you suspect it's been compromised

Strong Password Example Structure: • Combine unrelated words with numbers and symbols • Use passphrases that are memorable but complex • Consider using a password manager to generate and store secure passwords

Changing Your Password:

  1. Go to Settings from the main menu

  2. Click "Change Password" in the sidebar

  3. Enter your current password

  4. Enter your new password

  5. Confirm the new password

  6. Save changes

When to Change Your Password: • Immediately if you suspect unauthorized access • After using a shared or public computer • If you've shared it accidentally • Periodically as part of security maintenance (every 90-180 days) • After a security notification from Whisperit • When leaving a firm or changing roles

Email Security

Your email address is critical for account recovery and security notifications.

Email Best Practices:

• Use a professional, secure email address • Prefer firm-provided email over personal accounts • Ensure your email account has strong security (two-factor authentication) • Keep your email address current and accessible • Monitor your email for security alerts from Whisperit • Don't use shared or public email addresses

Changing Your Email:

  1. Go to Settings > General

  2. Find Email under Account Data

  3. Click "Change" next to your current email

  4. Enter your new email address

  5. Verify the change through confirmation emails

  6. Update your records with the new contact information

Account Access Security

Protecting Account Access:

• Always log out when using shared computers • Don't save passwords on public or shared devices • Use private/incognito mode on non-personal computers • Clear browser cache after using public computers • Be cautious about "Remember Me" options on shared devices • Lock your computer when stepping away

Recognizing Unauthorized Access:

Watch for signs that someone may have accessed your account: • Documents you didn't create or modify • Changes to your profile or settings • Unfamiliar activity in your workspace • Password reset emails you didn't request • Login notifications from unknown locations or devices

If You Suspect Unauthorized Access:

  1. Change your password immediately

  2. Review recent account activity

  3. Check your profile and settings for changes

  4. Review your documents for unauthorized modifications

  5. Contact Whisperit support

  6. Notify your IT department if in an organization

  7. Review connected devices and active sessions

Data Protection Principles

Whisperit employs multiple security measures:

• Swiss infrastructure with strong data protection standards • Encrypted connections for data transmission • Secure by design architecture • Regular security updates and monitoring • Compliance with data protection regulations

Your Responsibilities: • Maintain strong authentication credentials • Follow security best practices • Report security concerns promptly • Keep your contact information current • Comply with your organization's security policies

Browser and Device Security

Secure Your Access Points:

• Keep your browser updated to the latest version • Use reputable browsers (Chrome, Firefox, Safari, Edge) • Enable browser security features • Install security updates promptly • Use antivirus software on your devices • Enable device encryption • Use secure Wi-Fi networks (avoid public Wi-Fi for sensitive work)

For Mobile Devices: • Use device passcodes or biometric authentication • Enable remote wipe capabilities • Keep your operating system updated • Only install apps from official stores • Be cautious with app permissions

Workspace and Collaboration Security

When Working with Others:

• Only share documents with authorized individuals • Review sharing permissions regularly • Remove access when collaboration ends • Use workspace features to organize by security level • Follow your firm's document sharing policies • Be mindful of external user access

Phishing and Social Engineering

Protect Against Attacks:

• Whisperit will never ask for your password via email • Verify the sender before clicking email links • Don't share account credentials through email or chat • Be suspicious of urgent security requests • Verify requests for sensitive information through other channels • Report suspicious emails to your IT department

Common Phishing Red Flags: • Urgent language or threats • Requests for passwords or sensitive information • Suspicious sender addresses • Generic greetings instead of your name • Poor grammar or spelling • Unexpected attachments

Security for Law Firms and Organizations

Organizational Security Policies:

• Follow your firm's acceptable use policies • Comply with password requirements • Attend required security training • Report security incidents to IT immediately • Use only approved devices for accessing Whisperit • Follow data classification and handling procedures

Administrator-Managed Security:

Some security settings may be controlled by your organization: • Password complexity requirements • Session timeout durations • Multi-factor authentication requirements • Permitted device types • Network access restrictions

Compliance and Regulatory Considerations

Legal professionals must consider:

• Bar association ethical obligations regarding data security • Client confidentiality requirements • Data protection regulations (GDPR, etc.) • Industry-specific security standards • Professional liability considerations

Ensuring Compliance: • Document your security practices • Follow your jurisdiction's requirements • Maintain client confidentiality at all times • Implement reasonable security measures • Stay informed about evolving security standards

Regular Security Maintenance

Monthly Tasks: • Review your active sessions and devices • Check for any unfamiliar account activity • Update your password if needed • Review document sharing permissions

Quarterly Tasks: • Review and update your security settings • Verify your contact information is current • Audit your workspace access and permissions • Review security policies and best practices

Annually: • Complete security training • Comprehensive password update • Review all shared documents and workspaces • Update security procedures documentation

Security Checklist

Essential Security Practices:

✓ Use a strong, unique password ✓ Keep your email address current and secure ✓ Log out after each session on shared computers ✓ Enable security features on your devices ✓ Keep software and browsers updated ✓ Use secure networks for legal work ✓ Review account activity regularly ✓ Report suspicious activity immediately ✓ Follow your organization's security policies ✓ Protect client confidentiality at all times ✓ Never share your credentials ✓ Be vigilant against phishing attempts

Getting Security Help

If you need security assistance:

• Contact Whisperit support for account issues • Reach out to your IT department for organizational policies • Consult your bar association for ethical guidance • Review Whisperit's security documentation • Report security incidents immediately

Maintaining strong security practices protects your professional reputation, safeguards client trust, and ensures compliance with your ethical and legal obligations.