Security is our number one priority. It’s the cornerstone of our platform and with security designed into the core, coupled with industry-standard compliance, you can focus on your products –
not your risk profile.
Managing data is a crucial part of our work with risk and vulnerability. Our platform has built-in security, and all our solutions use an authorization engine with pre-defined roles and corresponding authorities. Countersignatures are used to minimize human errors and prevent fraud. And everything is logged and searchable.
External expertise performs vulnerability scans so-called “Ethical Hacks” annually on our products to minimize the risk of exploits. We also use “Clair” to perform internal vulnerability scans on our products.
LeanDev uses Elastx, a Swedish provider of secure Kubernetes environments. Elastx is ISO 27001, ISO 27017 and ISO 27018 certified. They’re also a certified Kubernetes provider, and together we’ve developed a best-practice Clustered Kubernetes setup. Also, all data is stored and will never leave Sweden. Read more about our Kubernetes set-up.
Our customers work in highly regulated environments. To do business means to adhere to complicated compliance and regulatory requirements. That’s why we ensure our services keep our customers compliant with a minimum of fuss.
Players in the financial industry must pay close attention to the compliance regulations issued by international regulatory bodies. In Sweden, we primarily follow the rules issued by the Swedish Financial Supervisory Authority (Finansinspektionen), and the Swedish Data Protection Authority (Datainspektionen).
We continually review all existing and new compliance regulations. We also have close interactions with customers – existing and new – to understand how they interpret the compliance regulations and their impact on their business.
Based on our analysis of relevant compliance regulations, and with insights learned with our customers, we continue working to ensure that our services stay compliant. It’s an ongoing process, and most of our new releases include compliance enhancements to our services.
Our production environments are certified to ISO27001. And we’re in the process of getting our entire organization, and all our services certified to ISO27001. We will have this process completed during 2020.