Your Data is Safe With Us
Protecting your ideas is at the heart of what we do, and it starts with how we handle your data. Our team has implemented robust security policies and data management controls, and we prove our compliance through third-party audits.
PAM STENTIFORD CFO & DPO
We are certified SOC 2 Type 2 compliant.
As a SOC 2 Type 2 compliant service provider, Lightbringer has implemented controls that ensure the secure management of your organisation's data, safeguarding both its interests and privacy.
SOC 2 sets benchmarks for handling customer data based on trust service principles, and here's how we fulfill those criteria:
Information Security Program
Security
We safeguard our system and your data against unauthorised access through the implementation of advanced, industry-leading security measures.
This includes the deployment of comprehensive encryption protocols, multi-factor authentication (MFA) processes, and continuous network monitoring to ensure the highest levels of data integrity and confidentiality.
Additionally, we are committed to maintaining comprehensive security training for all of our staff.
Availability
Our infrastructure is designed with redundancy and resilience in mind, incorporating failover mechanisms and scalable resources to maintain service performance under varying loads.
We employ proactive monitoring and incident management strategies to quickly identify and resolve potential disruptions, minimising downtime. Regular testing of our disaster recovery and business continuity plans ensures our preparedness to swiftly restore services in the event of an unforeseen incident.
Confidentiality
Access to confidential data is strictly limited to authorised personnel through the use of role-based access controls and secure authentication mechanisms.
We enforce comprehensive data privacy policies and conduct regular training for our employees on confidentiality best practices. Our commitment to protecting your information is further reinforced by rigorous audits and assessments to prevent unauthorised access and ensure the privacy and security of your data at all times.
Processing Integrity
We implement validation checks, quality assurance processes, and error detection and correction mechanisms throughout the data lifecycle. We utilise automated monitoring systems to track and report on processing activities, enabling us to identify and rectify any discrepancies promptly.
Additionally, our transparent logging and auditing procedures allow for a thorough review of data processing activities, ensuring that all operations are conducted accurately and effectively.
MARKUS ANDREASSON Co-founder & CTO
Data Protection
Data at Rest
We securely encrypt all customer data using AES encryption before storing it in data centers managed by leading cloud service providers. Additionally, we perform daily backups to ensure data redundancy and protection against loss.
Data in Transit
We ensure the security of data in transit by utilising TLS 1.2 or higher encryption, guaranteeing that all transmitted information is protected. Furthermore, we safeguard all endpoints, making certain that they are secured against unauthorised access and vulnerabilities.
Data Access Control
We adhere to the principle of least privilege and implement role-based access control to minimise potential attack surfaces. This approach ensures that each user is granted the minimum level of access necessary to perform their duties, significantly reducing the risk of unauthorised data exposure.