Security
LOCALiQ uses a multi-layered approach to protect our information and systems. We take information security seriously and employ administrative, technical and physical controls to protect data.
APPLICATION & NETWORK PROTECTION
- Web application firewalls to minimize the threat vector posed by application-level attacks (such as SQL injection)
- Network firewalls to only allow specific protocols access to a limited set of IP addresses for business applications
- Network segmentation, including the use of Demilitarized Zone (DMZ) architecture
SECURITY MANAGEMENT
- Encrypted access to applications using Transport Layer Security (TLS)/Secure Socket Layer (SSL) using industry-standard 2048 bit key-length
- Network scans of environment for vulnerabilities using the commercial network scanners
- Configuration management software for core applications to ensure the right access and settings are in place
- Two Factor Authentication to key internal servers and applications
- Centralized logging to review, investigate and resolve issues
- Host based intrusion detection (HIDS) to enable visibility into system changes
- 3rd party application security firm to continuously test the security of our key web applications
- Agile practices to incorporate security updates into releases
- Consulting security advisories to monitor any vulnerabilities in technology stack
AVAILABILITY & DISASTER RECOVERY
- Global footprint of seven data centers across four continents, minimizing latency and increasing performance of our products
- Availability monitoring of services internally and externally (3rd party) with real-time notification of downtime
- Application performance monitoring to ensure performance standards are met
- Data replication of data between production & recovery site
EDUCATION & TRAINING
- Developers take specialized training in application security at least annually
- Employees take at least annual information security awareness training, delivered in nine languages covering topics from phishing to mobile device security
PHYSICAL SECURITY
- Data center providers with SSAE 16 SOC compliance reports
CONTACTING US
If you have any comments or questions regarding our security, please contact us at info@localiq.com