Security at LottieFiles
We leverage HTTPS/TLS across our platform to ensure data is secure while in transit and advanced encryption standards like AES-256 for data at rest.
We store your data with AWS, a trusted cloud provider with robust physical security controls. Only authorized personnel and systems can access the necessary data.
Our access management policy ensures that only authorized personnel can access sensitive areas of our infrastructure.
We conduct peer reviews and tests on our code before release, including manual and automated checks for potential security issues.
Our platform is closely monitored for potential incidents through advanced threat detection, logging, and alerting systems.
We comply with global privacy requests, including the rights and obligations under the General Data Protection Regulation (GDPR).
We conduct regular internal and third-party vulnerability assessments and penetration tests. Additionally, we use various code analysis and dependency analysis tools to ensure our systems remain secure.
We conduct regular security awareness training for all employees, focusing on best practices, threat awareness, and the importance of data protection. Our goal is to create a security-conscious culture where every team member plays an active role in safeguarding our users' data.
Our comprehensive Incident Response Plan (IRP) outlines procedures for efficiently detecting, responding to, and recovering from security incidents. We regularly update and test our IRP to ensure readiness in the event of a breach or threat.