SOC 2 compliance
Lumin utilizes enterprise-grade best practices to protect our customers’ data, and works with independent experts to verify its security, privacy, and compliance controls, and has achieved SOC 2 Type 1 report against stringent standards.
Table of contents
SOC 2 Report
Continuous Security Control Monitoring
Employee Trainings
Penetration Tests
Secure Software Development
Data Encryption
Vulnerability Disclosure Program
- SOC 2 Report
- Continuous Security Control Monitoring
- Employee Trainings
- Penetration Tests
- Secure Software Development
- Data Encryption
- Vulnerability Disclosure Program
SOC 2 Report
We work with an independent auditor to maintain a SOC 2 report, which objectively certifies our controls to ensure the continuous security of our customers' data.
Developed by the Assurance Services Executive Committee (ASEC) of the AICPA, the Trust Services Criteria is the set of control criteria to be used when evaluating the suitability of the design and operating effectiveness of controls relevant to the security, availability, or processing integrity of information and systems, or the confidentiality or privacy of the information processed by the systems at an entity, a division, or an operating unit of an entity.
Continuous Security Control Monitoring
Lumin uses Drata’s automation platform to continuously monitor 100+ security controls across the organization. Automated alerts and evidence collection allows Lumin to confidently prove its security and compliance posture any day of the year, while fostering a security-first mindset and culture of compliance across the organization.
Employee Trainings
Security is a company-wide endeavor. All employees complete an annual security training program and employ best practices when handling customer data.
Penetration Tests
Lumin works with industry leading security firms to perform annual network and application layer penetration tests.
Secure Software Development
Lumin utilizes a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle.
Data Encryption
Data is encrypted both in-transit using TLS and at rest.
Vulnerability Disclosure Program
If you believe you’ve discovered a bug in Lumin’s security, please get in touch at [email protected]. Our security team promptly investigates all reported issues.
Learn more about Lumin security
Lumin has a robust, modern security system. We focus on customized security solutions in conjunction with industry-standard compliance.
Explore security center