Security & Compliance at Living Security

Trust Through Transparency

At Living Security, we believe that people are the core of a strong security posture. We apply that same philosophy to our own operations. Our platform is built with a "Security-First" architecture to ensure that while you are training your employees to be secure, your own data is protected by the highest industry standards.


Compliance & Certifications

Living Security maintains a rigorous compliance program to meet the needs of our global enterprise clients, including those in highly regulated industries.

SOC 2 Type II: We undergo annual independent audits to verify that our security controls meet the AICPA’s Trust Services Criteria. This ensures our systems are protected against unauthorized access and are available when you need them.


GDPR & CCPA: We are committed to data privacy. We comply with the General Data Protection Regulation (GDPR) for our international users and the California Consumer Privacy Act (CCPA), ensuring all personal data is handled with strict confidentiality and in accordance with user rights.


ISO/IEC 27001: Our internal Information Security Management System (ISMS) follows the ISO 27001 framework, ensuring a systematic approach to managing sensitive company and customer information.

Auditor Access: Our SOC 2 Type II report and privacy impact assessments are available to current and prospective enterprise customers under a non-disclosure agreement (NDA). Please contact your Account Manager or email security@livingsecurity.com.


Data Protection & Encryption

We ensure that your data is never "in the clear" and is protected throughout its entire lifecycle.

  • Encryption in Transit: All data moving between your network and the Living Security platform is encrypted using Transport Layer Security (TLS) 1.2 or higher.

  • Encryption at Rest: All customer data, including training records and behavioral analytics, is encrypted at rest using AES-256 encryption.

  • Key Management: We utilize managed Key Management Services (KMS) to ensure encryption keys are rotated regularly and stored separately from the data they protect.



Infrastructure & Reliability

Living Security leverages world-class cloud infrastructure to provide a resilient and scalable experience.

  • Cloud Hosting: Our platform is primarily hosted on Amazon Web Services (AWS). We utilize AWS’s physically secure data centers, which are themselves compliant with SOC 2, ISO 27001, and FedRAMP.

  • Availability: We target 99.9% uptime for our core platform. We use multi-zone redundancy to ensure that even in the event of a regional hardware failure, your training programs remain online.

  • Backups: Encrypted backups are performed daily and stored in geographically redundant locations to protect against data loss.


Application & Product Security

  • SSO & Authentication: We support Single Sign-On (SSO) via SAML 2.0 (e.g., Okta, Azure AD, Ping Identity). This allows your IT team to manage access centrally and enforce your own Multi-Factor Authentication (MFA) policies.

  • Vulnerability Management: We conduct regular automated vulnerability scans and periodic professional Penetration Testing by third-party security firms to identify and remediate risks.

  • Secure Coding: Our engineering team follows OWASP (Open Web Application Security Project) best practices. Security reviews are integrated directly into our CI/CD deployment pipeline.


Human Risk & Internal Controls

  • Employee Training: As a security awareness company, we "walk the talk." Every Living Security employee undergoes rigorous security training and monthly simulated phishing exercises.

  • Access Control: We follow the Principle of Least Privilege. Internal access to customer production data is restricted to a small number of authorized engineers and is only granted when necessary for troubleshooting or maintenance.

  • Background Checks: All employees undergo comprehensive background checks prior to joining the team.


Report a Vulnerability

Living Security welcomes feedback from the security research community. If you believe you have found a security vulnerability in our platform, please report it to security@livingsecurity.com.