LegacyBook is committed to maintaining the integrity, confidentiality, and availability of our customers’ information. We use a multi-layered approach to protect information and constantly monitor and improve our application, systems, and processes to address potential security challenges and demands.
Two-factor authentication relies on the user entering the password they created and a unique, randomly generated one-time password (or number sequence). Security can be elevated further with the user utilizing built-in biometric capabilities available on all modern devices. No longer are the days of a password and information someone knows to verify the identity of the user. With LegacyBook, data can be protected and only accessed with the authorized fingerprint, face, iris, or other biometric reading already stored on their device.
LegacyBook has selected hard data centers that are SOC 1 Type II, SOC 2 Type II, and ISO/IEC 27001:2013 compliant to assure the highest standards of data security and privacy.
Our development team tests all code for security vulnerabilities
during development and before release.
Development team monitors notifications and alerts from internal systems to identify and manage threats.
Snapshots and backups are stored internal, non-publicly visible
network on NAS/SAN servers.
LegacyBook controls the regions where our snapshots and backups exist for security & compliance purposes.
All access to LegacyBook systems are limited to the least amount of access needed for role functionality.
LegacyBook’s leadership carefully selects and vets all employees and contractors to assure that no matter what the person’s role, they’re the best fit.
24/7 physical security and access monitoring services
Facilities are unmarked as to not draw attention from the outside
Battery and generator backup
Generator fuel carrier redundancy
Defense-in-depth layered approach
Multi-factor authentication points
Monitored access and stringent change control mechanisms
Monitoring and analytics capabilities identify potentially malicious
User and system behaviors monitored and investigations performed using incident reporting and response procedures.