Last Updated: June 2024
At Labster, the security of our network, data, and infrastructure is of utmost importance. We have implemented various measures to safeguard against unauthorized access, protect personal data, and ensure the integrity of our systems. Our commitment to cybersecurity and data protection is demonstrated through relevant compliance frameworks and ongoing security testing.
Labster achieved SOC 2 Type 2 compliance in May 2024. Achieving SOC 2 attestation has demonstrated our commitment to cybersecurity and data protection. Ongoing security testing and compliance audits are part of our efforts to maintain and build trust with clients and partners regarding our security posture.
Labster has five (5) data centers (US, DE, UK, CA, AU) globally that provide us with the capability to meet customer geographical data tenancy requirements. We also have data privacy processes that enable us to best align with the GDPR and US Data Privacy Laws.
Labster has obtained relevant compliance certification:
Labster continues to implement policies, processes, and procedures to align with the following security frameworks:
We take network security seriously and have implemented the following measures:
To protect sensitive data, we employ the following practices:
Data submitted to Labster is encrypted in transit using Transport Layer Security (TLS) and encrypted at rest using military-grade AES-256 encryption, ensuring the confidentiality of sensitive information.
Labster’s infrastructure is continually monitored for security vulnerabilities, and updates are applied automatically to maintain a secure environment.
Labster hosts customer data within cloud-based data centers. The data centers are ISO 27001 certified. Physical security is managed by the cloud provider, which includes 24/7 on-site physical security and camera surveillance.
Our infrastructure, including servers, databases, and cloud services, is secured through:
We prioritize employee awareness and training to strengthen our security posture:
Labster has a comprehensive Privacy Policy that outlines how we handle prospective and current customer, vendor, and employee data: https://www.labster.com/privacy-policy/.
We are committed to accessibility and have an Accessibility Conformance Report (VPAT 2022). The report and additional information about our accessibility efforts are available: https://www.labster.com/accessibility/.
Labster has the following Policies in effect:
Labster continually strives to improve and align our security posture with ISO 27001 and NIST 800-171 and GDPR. Ongoing security testing and compliance audits are part of our efforts to maintain and build trust with customers, partners and prospects.
You have the right to free information about your Personal Data processed and stored by us, its origin, recipient, and the purpose of data processing, as well as a right to correction, blocking, or deletion of such Personal Data. You also have the right to limit the processing and to object to the processing.
To assert your rights, please contact us via [email protected] or you can perform your right to data access and deletion directly by reaching out to us via our online form here.
Labster does not offer a “Rewards for Bug Bounty”, or similar, program.
Security researchers are prohibited from publicly disclosing vulnerabilities without the prior written consent of Labster’s Security team. You are encouraged to contact Labster’s Security team for clarification before engaging in conduct that may be inconsistent with, or unaddressed by, Labster’s policies. Labster encourages customers, users, and vendors who might find vulnerabilities in or on Labster’s information assets, and would like to report in good faith, to contact Labster’s Security team at [email protected].
Labster requests that any customer, security researcher, or other individual who finds a flaw, system outage, or vulnerability in our platform report them in a responsible and ethical manner to [email protected] or our Live Support at help.labster.com.
For any additional questions or concerns regarding Labster’s data security, please reach out to us at [email protected].
This statement will be reviewed at least annually, or when there are significant security roadmap or framework changes.