LeveragePoint utilizes some of the most advanced technology for Internet security available today. We use Amazon Web Services (AWS) to host our highly scalable platform with high availability, dependability, and security. AWS and Leveragepoint services are built in accordance with security best practices providing end-to-end data security and confidentiality. Your data is safe, secure and available only to registered users within your organization. Your data will be completely inaccessible to your competitors.

Reports & Certifications:

LeveragePoint publishes a Service Organization Controls 2 (SOC 2) type II audit report, published under both the SSAE 16 and the ISAE 3402 professional standards. The SOC 2 audit report attests that LeveragePoint’s Security and Confidentiality controls to safeguard customer data are appropriately designed and operating effectively. Our commitment to the SOC 2 report is on-going and we plan to continue our process of periodic audits. AWS has achieved ISO 27001 certification of Information Security Management System (ISMS), covering the infrastructure, data centers, and AWS services used by LeveragePoint. In addition, AWS has successfully completed SAS70 type II audits and currently publishes a SOC 1 audit report that LeveragePoint reviews annually.

Physical Security:

  • Data center access limited to AWS data center technicians
  • Two-factor authentication for controlled data center access
  • Video surveillance and intrusion detection systems at data center
  • 24×7 onsite staff providing additional protection against unauthorized entry
  • Unmarked facilities to help maintain low profile
  • Physical security audited by an independent firm

System Security:

  • System installation using hardened, patched OS
  • Firewalls in place to block unauthorized system access
  • Distributed Denial Of Service (DDoS) Attack mitigation using proprietary techniques
  • Regular Penetration tests conducted
  • Protection against SQL injection and XSS attacks

Operational Security:

  • Systems access logged and tracked for auditing purposes
  • Secure document-destruction policies for all sensitive information
  • Fully documented change-management procedures

Software Security:

Access to your data in LeveragePoint is controlled using Access Control Lists that you have full control over. In addition, LeveragePoint offers companies flexibility in configuring various security controls to their corporate standards. These include:

  • User timeout window
  • Password strength
  • Allowed number of failed password attempts
  • Password expiry
  • Restricting access to IP address range

Communications:

All data exchanged with LeveragePoint is always transmitted over SSL using 256 bit encryption for maximum security.

Backups and Fault Tolerance:

Our architecture is designed with redundancy at each level to ensure maximum fault tolerance. Your data is backed-up and replicated to multiple locations. In the event of failure, LeveragePoint will switch to an alternative location to ensure high availability.

Contact Us:

If you have any technical questions or concerns, please contact techsupport@leveragepoint.com. For security-related inquiries or to report a suspected security breach, please contact security@leveragepoint.com.

Ready to Dive In?

GET A PERSONALIZED DEMO

If you’d like to talk more about LeveragePoint’s Value Proposition tool, we’d welcome the opportunity to speak with you. We will listen to your needs, and help you understand if the tool is right for you.

REQUEST DEMO