Lumber Security Practice

Lumber takes security practice very seriously and has the highest standard of security policies built into our platform and processes. Our team has decades of experience building products for verticals like finance, health and construction. Some of these verticals have very high standards for security policies. Some of the practices we use are described below.

Data Security

We have multiple levels of data security. We ensure no unauthorized person can access the data, and the data is encrypted so nobody can decrypt and use it.

  • Data is always stored in encrypted form by us.
  • Data is transferred in the browser in secured form.
  • All data sources are stored in private spaces.

Platform Security

We ensure that all our platforms are SOC compliant, and our platform is secured against DDoS attacks.

  • A WAF is implemented at access points to ensure no DDoS attack is possible.
  • All platform providers handling PII and payroll data are SOC compliant.
  • Authorization is implemented for all operations.

Security Testing and Policies

We do multiple levels of security testing to ensure security issues are caught early.

  • We do static code, open source, and dynamic testing for each release.
  • We have integrated all security testing into our daily build operations so that it runs continuously.

Lumber Information Security

01

Data Security

  • Encrypted data (in transit and at rest)

02

Cloud Security

  • SOC/ISO/PCI compliant
  • Private dataspace
  • WAF implementation
  • TLS authentication

03

Architecture Security

  • Threat modeling
  • RBAC implementation
  • Security built into CI/CD (daily automated security testing)

04

Team Background

  • Extensive experience in highly regulated industries such as healthcare, banking and construction
  • Team expertise with modern secure frameworks