Security

LOCALiQ uses a multi-layered approach to protect our information and systems. We take information security seriously and employ administrative, technical and physical controls to protect data.

Web application firewalls to minimize the threat vector posed by application-level attacks (such as SQL injection)
Network firewalls to only allow specific protocols access to a limited set of IP addresses for business applications
Network segmentation, including the use of Demilitarized Zone (DMZ) architecture

Encrypted access to applications using Transport Layer Security (TLS)/Secure Socket Layer (SSL) using industry-standard 2048 bit key-length
Network scans of environment for vulnerabilities using the commercial network scanners
Configuration management software for core applications to ensure the right access and settings are in place
Two Factor Authentication to key internal servers and applications
Centralized logging to review, investigate and resolve issues
Host based intrusion detection (HIDS) to enable visibility into system changes
3rd party application security firm to continuously test the security of our key web applications
Agile practices to incorporate security updates into releases
Consulting security advisories to monitor any vulnerabilities in technology stack

Global footprint of seven data centers across four continents, minimizing latency and increasing performance of our products
Availability monitoring of services internally and externally (3rd party) with real-time notification of downtime
Application performance monitoring to ensure performance standards are met
Data replication of data between production & recovery site

Developers take specialized training in application security at least annually
Employees take at least annual information security awareness training, delivered in nine languages covering topics from phishing to mobile device security

If you have any comments or questions regarding our security, please contact us at info@localiq.com