Client portal under test

As announced, I activated the client portal for my clients over the weekend and it is now running stably in test mode.

Key Facts

The client portal has now been activated in test mode and is running stably.
The solution is 100% on-premise and only stores data on my own servers.
Clients can send files in a structured way and receive them securely.
The portal makes it possible to arrange appointments and comment on files.
A live chat with audio or video option is available to users.
Every user must set up a second factor for authentication within three days.
Further functions will be added in the coming weeks and months.

The first tests of the client portal are successful. I have tested many solutions and have decided to go with something that runs 100% on-premise, rather than just on my servers.

Especially for a portal for sensitive client data, I think it is important that the data and content is only stored on servers controlled by me.

The portal provides a separate area for clients to

send me files in a structured way
Files that I send to receive securely
Appointments to be made.
Make comments on groups of files

and

Share files with third parties.

Clients can also give employees or other authorized persons access to the portal without having to share their own access data.

The portal also offers a way to map projects, so I can better map things like startups, larger contracts, or permanent mandates. Other persons, such as tax advisors, can also be included in each project and will then only have access to the content intended for this person.

As a logged in user, you can also send me structured messages and track them in the long run. If things need to move quickly, there is a live chat, including the option of an audio or video chat without additional software.

Since there will be a lot of confidential files and information stored in the client portal, I have built in additional security along with regular backups.

Automated password guessing attacks are one of the most successful attacks on websites. And even if simple passwords are not allowed in the client portal, there is a certain risk that the person who knows the password is not the one who wants to log in. Modern technology allows attackers to guess user credentials within minutes. And even the most complicated password can be lost or accidentally given to an unauthorized person.

Every user of the client portal is therefore obliged to create a second factor within the first three days and then use it when logging in.

In addition to a security code via email, Google Authenticator, Authy, FreeOTP, Duo Security and several other 2FA services can also be used.

More features will be added in the coming weeks and months. Feedback is of course always interesting for me.

The client portal can be found under this link.

Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.