Security

Security Overview

LeanDNA® provides state-of-the-art security to ensure that our customer data is not compromised. At LeanDNA®, we know that security is crucial to you – that’s why security is our top priority. We devote significant resources to continually develop our world-class security infrastructure.

Get Started

Security Details

LeanDNA® is configured by experts and rigorously tested before going into production. Our world-class security infrastructure includes proven, up-to-date firewall protection, intrusion detection systems, SSL/TLS encryption, and other security technologies, including proprietary systems developed specifically for LeanDNA®. Security and access controls have been implemented at multiple levels that involve physical security, network monitoring and protection, data encryption, user authentication, as well as application and database security.

Secure Network Architecture

LeanDNA® uses Virtual Private Cloud technology to isolate its services at the network layer. In addition, Network devices, including firewall and other boundary devices, are in place to monitor and control communications at the external boundary of the network and at key internal boundaries within the network. These boundary devices employ rule sets, access control lists (ACL), and configurations to enforce the flow of information to specific information system services. ACLs, or traffic flow policies, are established on each managed interface, which manage and enforce the flow of traffic.

Data Encryption

LeanDNA® uses the strongest encryption products to protect customer data and communications. All data is encrypted in transit using high-grade encryption of SSL SHA-1 with RSA Encryption and RSA 2048 bit public key. Sensitive customer data is encrypted in the database using strong AES-256 encryption.

User Authentication

Users access LeanDNA® only with a valid username and password combination, which is encrypted via SSL while in transmission. A random session key is encrypted and is used to uniquely identify each user. Passwords are encrypted with SHA-256 encryption (Secure Hash Algorithm) with a salt value. Encryption is one way, and LeanDNA® enforces new password regeneration when a password is lost or forgotten. The lock icon in the browser indicates that data is fully shielded from access while in transit.

In addition, administrative access requires Multi-Factor Authentication as an additional layer of security for accessing the LeanDNA®services. This requires each user accessing our servers to provide a six-digit single-use code in addition to their standard username and password credentials before access is granted to our services.

Application Security

A User can only access LeanDNA® through an authenticated computer and IP address. During the first login, the User is sent an activation link which forces the User to authenticate their system and IP address with 24 hours. If a User attempts to access LeanDNA® from a different computer or IP address, the LeanDNA security protocol will automatically force the User to re-authenticate.

Our robust application security model prevents one LeanDNA customer from accessing another's data. This security model is reapplied with every request and enforced for the entire duration of a user session. Every customer contains a separate logical database to eliminate the possibility of exposing customer's data to other users. For LeanDNA® data and server access, we implement security best practices, such as least privilege, by granting unique credentials to every user and only grant permission to access the services and resources required for the users to perform their jobs.

Operating System and Database Security

LeanDNA enforces tight operating system-level security by using a minimal number of access points to all production servers. We protect all operating system accounts with strong passwords and multi-factor authentication. All operating systems are hardened by disabling and/or removing any unnecessary users, protocols, and processes. Security updates are regularly applied to all servers.
Access to production databases is restricted to a limited number of points, and production databases do not share a master password database. LeanDNA implements security best practices, such as least privilege, by granting unique credentials to every user and only grant permission to access the services and resources required for the users to perform their jobs. All data in the database is encrypted with strong AES-256 encryption.