Security

LOCALiQ uses a multi-layered approach to protect our information and systems. We take information security seriously and employ administrative, technical and physical controls to protect data.

APPLICATION & NETWORK PROTECTION

  • Web application firewalls to minimize the threat vector posed by application-level attacks (such as SQL injection)
  • Network firewalls to only allow specific protocols access to a limited set of IP addresses for business applications
  • Network segmentation, including the use of Demilitarized Zone (DMZ) architecture

SECURITY MANAGEMENT

  • Encrypted access to applications using Transport Layer Security (TLS)/Secure Socket Layer (SSL) using industry-standard 2048 bit key-length
  • Network scans of environment for vulnerabilities using the commercial network scanners
  • Configuration management software for core applications to ensure the right access and settings are in place
  • Two Factor Authentication to key internal servers and applications
  • Centralized logging to review, investigate and resolve issues
  • Host based intrusion detection (HIDS) to enable visibility into system changes
  • 3rd party application security firm to continuously test the security of our key web applications
  • Agile practices to incorporate security updates into releases
  • Consulting security advisories to monitor any vulnerabilities in technology stack 

AVAILABILITY & DISASTER RECOVERY

  • Global footprint of seven data centers across four continents, minimizing latency and increasing performance of our products
  • Availability monitoring of services internally and externally (3rd party) with real-time notification of downtime
  • Application performance monitoring to ensure performance standards are met
  • Data replication of data between production & recovery site 

EDUCATION & TRAINING

  • Developers take specialized training in application security at least annually
  • Employees take at least annual information security awareness training, delivered in nine languages covering topics from phishing to mobile device security

PHYSICAL SECURITY

  • Data center providers with SSAE 16 SOC compliance reports

CONTACTING US

If you have any comments or questions regarding our security, please contact us at info@localiq.com