Data Security

SOC1
SOC1
SOC1
SOC1

LegacyBook - Data Security You Can Trust

LegacyBook is committed to maintaining the integrity, confidentiality, and availability of our customers’ information. We use a multi-layered approach to protect information and constantly monitor and improve our application, systems, and processes to address potential security challenges and demands.

Biometric Two-Factor Authentication

Two-factor authentication relies on the user entering the password they created and a unique, randomly generated one-time password (or number sequence). Security can be elevated further with the user utilizing built-in biometric capabilities available on all modern devices. No longer are the days of a password and information someone knows to verify the identity of the user. With LegacyBook, data can be protected and only accessed with the authorized fingerprint, face, iris, or other biometric reading already stored on their device.

Fully Certified

LegacyBook has selected hard data centers that are SOC 1 Type II, SOC 2 Type II, and ISO/IEC 27001:2013 compliant to assure the highest standards of data security and privacy.

Strict Internal Monitoring

Our development team tests all code for security vulnerabilities during development and before release.
Development team monitors notifications and alerts from internal systems to identify and manage threats.

Snapshot & Backup Security

Snapshots and backups are stored internal, non-publicly visible network on NAS/SAN servers.
LegacyBook controls the regions where our snapshots and backups exist for security & compliance purposes.

Role Based Access Controls

All access to LegacyBook systems are limited to the least amount of access needed for role functionality.

People You Trust

LegacyBook’s leadership carefully selects and vets all employees and contractors to assure that no matter what the person’s role, they’re the best fit.

Physical Security

24/7 physical security and access monitoring services
Facilities are unmarked as to not draw attention from the outside
Battery and generator backup
Generator fuel carrier redundancy

Infrastructure Security

Defense-in-depth layered approach
Multi-factor authentication points
Monitored access and stringent change control mechanisms

Monitoring

Monitoring and analytics capabilities identify potentially malicious activity.
User and system behaviors monitored and investigations performed using incident reporting and response procedures.