Data Security
At Lifecycle Insights, protecting your data is our most important priority. To preserve the integrity and security of your data, we have implemented physical, procedural, and technical safeguards. The following describes our security practices.
Summary
The following highlights the key points to our data security strategy at Lifecycle Insights:
- We deliberately access and, ultimately house only the data elements we require via our API integrations. We do NOT access any password fields exposed in any third-party API integration.
- We have established backup and business continuity practices in place.
- All credentials are encrypted with AES-256-bit encryption.
- Application access follows a role-based model with privileged access control.
- Multifactor Authentication is available and recommended for all user accounts.
- We have extensive file-based logging to document user access.
- Access to the entire Lifecycle Insights app is limited to strong SSL encryption over HTTPS
Data security standards
Most of the data we store for your company will be obtained from setting up an API integration with you PSA / IT Documentation Tool or Microsoft 365. In every case, we deliberately attempt to limit any data fields we access and pull to only the fields we ultimately need to provide our service.
Your data is regularly backed up to prevent data loss and assist with any recovery efforts in the unlikely event that needs to occur.
We have internal access control policies in place to restrict access to your data. Our application implements a role-based security model that allows you to determine the level of access your users have. This model not only includes the scope of data but also includes read/write vs update access.
Payment information
We do not handle any payment processing, nor do we store any credit card information in our systems. We use Stripe, an industry-leading provider of payment processing services for this.
Data storage
We host data in AWS secure SSAE 16 / SOC1 certified data centers, including third-party security researchers to ensure practices are secure.
If you're interested, SOC compliance statements are available on the AWS SOC Frequently Asked Questions page.