Reports & Certifications
LeveragePoint publishes a Service Organization Controls 2 (SOC 2) Type II audit report under both the SSAE 16 and the ISAE 3402 professional standards. The SOC 2 audit report attests that LeveragePoint’s Security and Confidentiality controls to safeguard customer data are appropriately designed and operating effectively. Our commitment to the SOC 2 report is ongoing and we plan to continue our process of periodic audits. AWS has achieved ISO 27001 certification in Information Security Management System (ISMS), covering the infrastructure, data centers, and AWS services used by LeveragePoint. In addition, AWS has successfully completed SAS70 type II audits and currently publishes a SOC 1 audit report that LeveragePoint reviews annually.
- Data center access is limited to AWS data center technicians
- Two-factor authentication for controlled data center access
- Video surveillance and intrusion detection systems at the data center
- 24×7 onsite staff provides additional protection against unauthorized entry
- Unmarked facilities to help maintain a low profile
- Physical security audited by an independent firm
- System installation using hardened, patched OS
- Firewalls are in place to block unauthorized system access
- Distributed Denial Of Service (DDoS) Attack mitigation using proprietary techniques
- Regular Penetration tests conducted
- Protection against SQL injection and XSS attacks
- Systems access is logged and tracked for auditing purposes
- Secure document-destruction policies for all sensitive information
- Fully documented change-management procedures
Access to your data in LeveragePoint is controlled using Access Control Lists that you have full control over. In addition, LeveragePoint offers companies flexibility in configuring various security controls to their corporate standards. These include:
- User timeout window
- Password strength
- Allowed number of failed password attempts
- Password expiry
- Restricting access to IP address range
All data exchanged with LeveragePoint is always transmitted over SSL using 256-bit encryption for maximum security.
Backups and Fault Tolerance
Our architecture is designed with redundancy at each level to ensure maximum fault tolerance. Your data is backed-up and replicated to multiple locations. In the event of failure, LeveragePoint will switch to an alternative location to ensure high availability.
If you have any technical questions or concerns, please contact firstname.lastname@example.org. For security-related inquiries or to report a suspected security breach, please contact email@example.com.