Leadoo Security

We understand that keeping your data safe and secure is important to you. It is also the backbone of everything we do. Below you will find how we ensure your data is always safe.

In-transit encryption

All the data between your browser and our servers is end-to-end encrypted with TLS 1.2

Encrypted data

All our and your data is always encrypted on the disk level, ensuring that even in a worst-case breach an attacker cannot get access to your data.

VPN by default

All our production environments connections are accessible only through VPN connections.

Secure bots

Customers may embed Leadoo inpage- and chatbots with sandboxed iframe tag preventing Leadoo scripts to directly access Customer web page data.

Firewalls

All our data is secured by firewalls that ensure malicious bot knocks, as well as common attacks, get blocked. Our firewall performance is monitored constantly by our Ops team. In addition, we have Distributed Denial of Service (DDoS) protection services in place against all known layer 3 and layer 4 attacks.

Code reviews

Code reviews are mandatory for all new code, and every line of code is always reviewed by two other people. This ensures human errors are kept to the minimum.

Patch management

We follow security watch lists to ensure that we’re always up to date with zero-day exploits in any of our core infrastructure – and always keep our dependencies up to date.

Vulnerability assessment

Our core team, including our CTO, DPO and COO hold monthly review sessions where we go through all possible risks, their impact and ensure any arising risks are taken care of.

Internal training

Humans are usually the weakest link in security and we train our new people to ensure that they know how to manage passwords including 2-factor authentication.

We understand that security is an always-changing game and in order to stay on top of it, we take security with the graveness it deserves.

Did you find the answers you were looking for?

Need some more information? Contact us