Security and Certifications
To make sure Lytho is a truly secure SAAS platform, we make sure we are compliant with the current and widely-recognized security standards. Lytho takes the security of your content and data very seriously. We use the best engineering practices and tools to build our platform and integrate the highest security standards.
All your content & data are backed up, stored securely and password protected. For content storage, Lytho uses an ISO 9001, SOC2 and ISO 27001 Certified Trusted Third Party. All traffic between clients (browser, tablet, phones) and the Lytho servers is sent over an encrypted connection (TLS). Unless with your explicit permission, Lytho employees are prohibited from viewing the content of files stored in your Lytho account and are only permitted to view file metadata (like file names and locations). However, we have a small number of employees who must be able to access all user data in exceptional cases. We have a strict policy and use access control technology that restricts employee access. Also, we use audit logs to keep track of all actions.
The Trusted Third Party and Lytho also employ significant protection against network security issues such as packet sniffing and Man In The Middle (MITM) attacks. Your data is stored and backed-up across multiple data centers, uses highly secure data centers and all access is based on a multi-factor access control. All your company data is stored and safeguarded by SSL encryption.
In addition to ISO 9001 and 27001 for hosting and security, we would like to go a step further. Within Lytho, it is key that processes and services are executed in a controlled manner. Security and compliance are taken very seriously. We have extensively described the following processes and are also being audited Internally and externally:
- Backup and recovery Procedure
- Information & Security Policy
- Change Management Process
These procedures are drawn up according to the guidelines of the renowned international ISAE3402 standard. ISAE3402 is an international recognized auditing standard issued by the International Auditing and Assurance Standards Board (IAASB). This standard is widely accepted, because it represents an in-depth audit of a service organization’s control objectives and activities. Lytho is in possession of the ISAE 3402: 1 certification from December 2019.