As reported here last week, Clio booted the popular app last Monday over concerns that it could expose Clio customer data to a privacy or security breach.
The app’s developer, Tony Valenti, responded the next day with a post on his Faster Law company website assuring customers that their data was secure while expressing exhaustion from the stress of dealing with Clio’s engineers.
In that post, Valenti offered to hand Faster Suite over to Clio at no cost, provided it agreed to “take good care” of the product and its customers.
Back By Midweek
“Faster Suite is now live again, and I want to apologize for the pain that this week and the past few months have caused,” Newton wrote.
“There’s nothing we take more seriously than the security of your data and the trust you put in us as stewards of that data. The actions we took earlier put the safety of your data above all else, even though it resulted in an outage for an integration partner.”
Newton’s post said that Clio disabled the app after detecting that it was accessing “large amounts of information beyond the scope of what was necessary” to run the integration and that the access “was to virtually every Faster Law-enabled Clio account.” The access originated from a server that Clio later discovered was controlled by Faster Law.
This large-scale data access triggered Clio’s security team to respond, and they made the decision to disable the integration “out of an abundance of caution,” Newton said.
“Although we realized disabling the app would have a widespread and significant impact on the workflows of our shared customers, we prioritized the security of your data over the availability of the Faster Law integration,” Newton said. “Although this was a difficult decision, it was the right one, and one I hope reinforces your trust in our ability to securely steward your data.”
Newton said that Clio subsequently identified the source of the security incident and received assurances from Faster Law that any data that was inappropriately accessed has been fully deleted. Newton also said that Clio has worked with Faster Law to update its app to remove the potential security vulnerability.
“As a result of these changes, as I mentioned above, we’re happy to let you know Faster Law has been re-enabled on the Clio integration ecosystem,” Newton wrote.
A Mea Culpa from Faster Law
Meanwhile, Faster Law’s Valenti posted his own update, in the form of a mea culpa.
“Faster Suite is back online and I want to explain my recent decisions and actions,” Valenti wrote. “The choices I made violated your trust.
“I lied to Clio about selling Faster Law, causing unnecessary confusion, and our systems accessed more of Clio’s customer data than was needed to run the Faster Suite integration.”
Valenti said that Clio’s decision to cut off Faster Law’s API access “was the right decision, and one I would have made if I was in their shoes. As a customer of Clio, you should be thankful they took the actions they did.”
“I apologize for the impact my actions have had over the last two days, and will be working with Clio to ensure such an outage does not occur again,” Valenti concluded.
As for Valenti’s offer to give Faster Law to Clio, the ending to that story may have yet to be written.