Optimized AWS Infrastructure Helps LegalZoom to Scale Securely

Case Study

LegalZoom Profile

LegalZoom, a prominent and trusted name in law, has created LegalZoom Local, a communication app for the modern law that enables confidential phone calls, chats and documents exchanged between attorneys and their clients.

As the company evolves into a comprehensive solution for all legal needs, maintaining trust and security and strictly complying with regulatory requirements is a top priority.


Law is a highly regulated industry. While the medical industry has the advantage of a national regulatory scheme (e.g., HIPAA), regulation of the legal industry consists of a patchwork of 50 sets of state rules. It was just as challenging for LegalZoom to manage compliance across varying geographies within the United States as it is for multinational organizations managing requirements in different countries.

Furthermore, the psychographic profile of the average attorney is highly averse to risk. As a result, technology companies that want to develop a user base from the legal profession must study these rules and incorporate them into the earliest stages of the product design process.

One of the most prominent branches of regulation must deal with the “attorney-client relationship.” Once an attorney-client relationship has begun, all private communications between the attorney and client are subject to the strictest of confidence.

“Client-attorney confidentiality is a requirement that simply must not be breached,” said Richard Komaiko, Chief Executive Officer of LegalZoom Local. “If attorneys are caught violating the confidence of their clients, or using a tool that fails to protect confidence, and the incident is reported to the bar, they could be disbarred immediately. Unlike many industries, there is often no second chance.”

Thankfully, each of the 50 states has offered some guidance about how this confidence is to be honored in the age of cloud computing. As an industry leader seeking to demonstrate best practices, the engineering team at LegalZoom Local recently completed an overhaul of its architecture with a focus on ensuring the confidentiality of hosted communications


LegalZoom chose to use Amazon Web Services (AWS) to host LegalZoom Local in order to take advantage of AWS’s web services to help ensure high server uptime, security and performance. The LegalZoom infrastructure has multiple facets, from a consumer-facing website to internal applications used by the sales and marketing department. As demand for LegalZoom Local increased, the company began to experience scaling issues. Flux7 was initially hired in a critical situation to debug a scaling challenge with Amazon Relational Database Service (RDS).

Legalzoom used Flux7’s services to optimize its infrastructure and create a framework that provides the company with automated, templated and elastic infrastructure that improves business agility. Flux7 provides growing companies with the AWS expertise they need, when they need it, without having to invest in additional headcount or long-term contracts.

Effective business solutions for the cloud, mobile, social computing, big data, the Internet of Things and digital often rely on a stable, scalable and secure architecture to perform as users expect.

Flux7 helped the LegalZoom team with AWS configuration management and Cloud Formation templates. AWS CloudFormation gives developers and systems administrators an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion. By using CloudFormation, a wide range of AWS resources can now be supported making LegalZoom able to build a highly available, reliable, and scalable infrastructure.

Flux7 also helped secure operations using Amazon Virtual Private Cloud and Amazon VPN tunnels. A logically isolated section of the AWS Cloud was provisioned enabling LegalZoom to launch resources in a defined virtual network. This provided the company with complete control of its virtual networking environment, which includes selecting its own IP address range, creating subnets, and configuring route tables and network gateways.

More importantly, implementing Amazon VPN meant LegalZoom can now implement an advanced security infrastructure, leveraging multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet. VPN tunnels provide secure communication between sites.

“Investing in infrastructure to ensure the privacy of data between our customers and their clients is paramount,” Komaiko concluded. “Flux7 has helped us to establish a stable, efficient and secure infrastructure, which we can now maintain on our own.”

Finally, as LegalZoom scales up its operations with demand, Flux7 has already identified several opportunities where cost can be optimized.

Optimized AWS Infrastructure Helps LegalZoom to Scale Securely

Optimized AWS Infrastructure Helps LegalZoom to Scale Securely

July 18, 2019