Security is of the utmost importance to Lighthouse. We are one of the only companies in the ediscovery services industry to become ISO 27001-certified and HIPAA/HITECH compliant according to independent third-party auditors. We expect to be the first ediscovery services provider to achieve PCI DSS (credit card industry standards) compliance in 2018. Our state-of-the-art SOC 2 certified data centers provide reliable and secure data hosting services to our clients. We provide multiple layers of security by protecting against intrusions and maintaining sophisticated structural and environmental controls. Our security protocols have been vetted by Fortune 10 corporations.
We are committed to maintaining the highest level of security to protect client data. We regularly handle, process and host for review large volumes of sensitive data from a myriad of industries, including financial services, healthcare, pharmaceuticals, high technology, and oil and gas.
We have also carefully selected best-of-breed software tools that we can offer to our clients, as well as implemented policies and procedures (e.g. strong password and encryption) to help ensure our clients’ data remains safe at all times.
The critical components of our ISO 27001-certified and HIPAA/HITECH Security Program are as follows:
- Data Center Facilities: Physical security controls include multi-zone security, appropriate perimeter deterrents, on-site guards, biometric controls, CCTV, secure cages, and fire detection and suppression systems
- Reliable Infrastructure: Dedicated high-speed links provide peace of mind that data will be transferred quickly and reliably.
- Vulnerability Management: Software vulnerabilities are identified and patched within a systematic process and timeframe and after the patch is tested.
- Data Center Inspections: Regular reviews are performed at each data center to ensure maintenance of the security controls necessary to comply with the security program.
- Disaster Recovery: Secondary data centers represent a full mirror of our primary data centers’ client-facing applications.