Overview
LPI Cloud manages job data for thousands of users around the world. At Laser Products Industries (LPI), we understand that our customers expect us to protect their data with the highest standards, and we are committed to providing them with a highly secure and reliable environment. Our security model and controls are based on international standards and industry best practices.
How do we secure your data?
LPI’s systems are hosted on multiple Kubernetes clusters at DigitalOcean. Hosting is currently located in DigitalOcean data centers in NA (North America), and will soon be available in EMEA (Europe, the Middle East and Africa) and APAC (Asia-Pacific). This allows us to provide a reliable service and keeps your data available whenever you need it.
These data centers employ leading physical and environmental security measures, resulting in highly resilient infrastructure.
Application Security
LPICloud.com implements a security-oriented design in multiple layers, one of which is the application layer. The LPI Cloud application is developed according to the OWASP Top 10 framework, and all code is peer reviewed prior to deployment to production.
Our controlled CI/CD process includes static code analysis, vulnerability assessment, end-to-end testing, unit testing that addresses authorization aspects, and more. LPI Cloud developers go through periodic security training to keep them up to date with secure development best practices.
Infrastructure Security
- Firewalls for enforcing IP whitelisting and access through permitted ports only to network resources
- Web application firewall (WAF) for content-based dynamic attack blocking
- DDoS mitigation and rate limiting
- NIDS sensors for early attack detection
- Advanced routing configuration
- Comprehensive logging of network traffic, both internal and edge
Data Encryption
LPI Cloud encrypts all data both in transit and at rest:
- Traffic is encrypted using TLS 1.3 with a modern cipher suite, supporting TLS 1.2 at minimum
- User data is encrypted at rest across our infrastructure using AES-256 or better
- Credentials are hashed and salted using a modern hash function
External Security Audits
Independent third-party assessments are crucial to get an accurate, unbiased understanding of your security posture. LPI Cloud conducts internal audits at both the application level and the infrastructure level.
Additionally, LPI is in the process of external auditing as part of the SOC2 Type II audit and ISO certifications.
Physical Security
Disaster Recovery and Backups
Security Awareness and Training
LPI understands that its security is dependent on its employees. Therefore, all our employees undergo thorough information security awareness training during onboarding. Further security training is provided on a quarterly basis. Additionally, all employees must sign our Acceptable Use Policy.
Access Control
We know the data you upload to LPI Cloud is private and confidential. We regularly conduct user access reviews to ensure appropriate permissions are in place, in accordance with the least privilege principle. Employees have their access rights promptly modified upon a change in employment.