Data Security

LegacyBook is committed to maintaining the integrity, confidentiality, and availability of our customers’ information. We use a multi-layered approach to protect information and constantly monitor and improve our application, systems, and processes to address potential security challenges and demands.


Your Security Is Our Top Priority

Passwords and single factor authentication are old and outdated means of security that were developed in the 70s and have slowly progressed over time. Relying on these methods alone introduces unnecessary risks when more secure options are available. That is why LegacyBook has chosen to utilize the highest standard of security, multi-factor authentication.

Biometric Two-Factor Authentication

Two-factor authentication relies on the user entering the password they created and a unique, randomly generated one-time password (or number sequence). Security can be elevated further with the user utilizing built-in biometric capabilities available on all modern devices. No longer are the days of a password and information someone knows to verify the user’s identity. With LegacyBook, data can be protected and only accessed with the authorized user’s fingerprint, face, iris, or other biometric reading already stored on their device.

Secure Data Center & Connections

We use Digital Ocean for our data service because of their top-tier data safety and security protocols. Here’s the highlights of why we chose Digital Ocean to protect your data. You can visit Digital Ocean’s Data Security Page for a full report of their data security procedures.

Best in Class Data Security Protocols

Strict Internal Monitoring

Development team tests all code for security vulnerabilities during development and before release.

Development team monitors notifications and alerts from internal systems to identify and manage threats.

Role Based Access Controls

All access to LegacyBook systems are limited to the least amount of access needed for role functionality.

People You Trust

LegacyBook’s leadership carefully selects and vets all employees and contractors to assure that no matter what the person’s role, they’re the best fit.

Fully Certified

LegacyBook has selected Digital Ocean data centers that are SOC 1 Type II, SOC 2 Type II, and ISO/IEC 27001:2013 compliant to assure the highest standards of data security and privacy

Physical Security

24/7physical security monitoring services

Facilities are unmarked as to not draw attention from the outside

Battery and generator backup

Generator fuel carrier redundancy

Infrastructure Security

Defense-in-depth layered approach

Multi-factor authentication points

Monitored access and stringent change control mechanisms

Systems Seurity

Key based authentication

Access limited by Role-Based Access Control (RBAC)

Hard drives and infrastructure are securely erased before decommissioning or reuse

Access Logging

Logging of system actions as well as logins and commands issued by system administrators

Secuirty Monitoring

Monitoring and analytics capabilities identify potentially malicious activity

User and system behaviors monitored and investigations performed using incident reporting and response procedures

Snapshot & Backup Seurity

Snapshots and backups are stored internal, non-publicly visible network on NAS/SAN servers

LegacyBook controls the regions where our snapshots and backups exist for security & compliance purposes.

soc1 soc2 eyPoint iso digiOcean