Application and User Security

  • SSL/TLS Encryption: All communications with the app.lumiere.is website are sent over SSL/TLS connections. Transport Layer Security (TLS) is the successor to SSL and provides both server authentication and data encryption.

  • User Authentication: User data is logically separated on our database. Users have unique usernames and passwords that are required to access secure areas of the application. Lumiere issues a session cookie to store encrypted user authentication information for the duration of a session. The session cookie does not include the password of the user.

  • User Passwords: User passwords have minimum complexity requirements and are individually salted and hashed.

  • Data Portability: Lumiere enables you to export data collected through activities for backup or use with other applications.

  • Privacy: Our Privacy Policy details how your data is managed, used, shared and retained.


Physical Data Center Security

  • Location: User data is stored at a highly accredited and certified third-party data center located in the United States.

  • Physical Security: Data centers are staffed 24x7 by trained security guards, and access is authorized strictly on a least-privilege basis.

  • Environmental Controls: Environmental systems are designed to minimize the impact of disruptions to operations, and include climate and temperature conditioning, fire detection and suppression, power generators and UPS backups, and system-wide environmental monitoring.


Availability

  • Uptime: Uptime is monitored continuously and any outages are immediately reported and addressed.

  • Failover: Multiple backups and geographic failover regions are available in the event of a natural disaster or system failure.

  • Backup Schedule: Backups occur daily and are retained for 7 days.


Network Security

  • Firewall: Firewalls restrict access to all ports except 80 (http) and 443 (https).

  • Patching: Security patches are applied to systems as soon as possible to mitigate vulnerabilities.

  • Access Control: Multifactor authentication and role-based access are enforced.

  • Testing: System changes are tested and verified in sandbox environments before being deployed to production systems.


Technology Stack

  • Code: Lumiere’s back-end is coded in ASP.NET with C#. On the front-end, we make use of the Marionette JavaScript application library.

  • Servers: Lumiere runs, primarily, in a Windows environment, utilizing Windows Server 2012 and SQL Server 2012.

  • Compatibility: Lumiere is compatible with all modern desktop browser versions released within the last two years, including Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Internet Explorer 10+. IE 9 is also supported for activity participants. Browsers on tablets and mobile devices currently are not supported and functionality is not guaranteed.


Security Breaches


While we take security very seriously, no communication over the internet can be absolutely guaranteed to be secure. In the event of a security breach, we will notify affected users and immediately take steps to address the issue. Notifications may occur on the Lumiere website, within the application itself, or by email or phone, as dictated by the nature of the event.


Your Responsibilities


Users of the system have a responsibility to help keep their data safe by choosing sufficiently complicated passwords, storing them safely, and logging out of the system when it’s not in use. While we utilize SSL/TLS to encrypt data between web browsers and the server, it is also the responsibility of our users to keep the machines accessing Lumiere free from malware that might intercept data/keystrokes, hijack cookies or perform other unintended actions within the application.


European Safe Harbor Certification


Latitude Labs, LLC complies with the U.S.-EU Safe Harbor Framework as set forth by the US Department of Commerce regarding the collection, use and retention of personal information from European Union Member countries. For more information and a full statement on our compliance, see our Privacy Policy.