Security Statement


SOC-2 Compliant Data Center

LMBX servers are co-located in a SOC-2 (“Service Organization Controls Type 2”) compliant data center. A SOC 2 examination signifies that a service organization has had its control objectives and control activities examined by an independent accounting and auditing firm.

Hosting Infrastructure

The data center provides 24x7 staffed CCTV monitoring, biometric access controls, redundant power, HVAC dry cooling, and multiple geographically diverse internet backbones. Physical access to servers is restricted to our administrators and data center personnel.

Backup and Redundancy

We make daily incremental backups and weekly offsite backups of primary lead data. We also make daily backups of system applications and web sites. For redundancy we utilize RAID hard disk arrays and multiple backup servers.

Protection of Sensitive Data

We have taken reasonable and appropriate security measures to protect against unauthorized access, unauthorized alteration, disclosure or destruction of data. These measures include firewalls, VPNs, secure socket layers, strong encryption, password policies, session timeouts, and IP address filtering. We do not allow access from IP addresses outside of the United States unless whitelisted by our staff. Passwords are never stored in our database. Certain sensitive fields such as credit cards and social security numbers are encrypted before storage, and are never transmitted unsecured. We have taken reasonable efforts to secure our mail server, however email transport is inherently insecure because data is transmitted unencrypted.

Changes to this Security Statement

We may, without any notice to you, revise this policy by updating this page. Please review this page from time to time to be aware of any such changes.

Last Updated: May 18, 2016