Frequently Asked Questions Related to Data Security
In this topic, we have compiled a list of common questions related to crucial aspects of data protection in the Lazsa Platform, including access control, encryption, data residency, monitoring, and compliance. These FAQs help you understand the robust security measures we have in place to protect your data.
Access
You can decide where your data will reside. You can create your own account with any industry-leading public cloud service provider. If you manage your own account, you have full control over your data. If you choose to use a cloud account managed by Lazsa, your data security is our responsibility.
All the required security controls for a Lazsa-managed cloud account are in place and are managed by our Site Reliability Engineering (SRE) team.
You can opt for SSO authentication built on top of your corporate identity service provider or you can choose the Lazsa-managed authentication mode.
- If you choose the first option, authentication and security of user credentials are taken care of by your corporate ID provider, and not by Lazsa.
- If you choose Lazsa-managed authentication, the Lazsa Platform makes sure that user credentials are stored securely in an encrypted format. Your credentials are safe with us.
Your authorized Lazsa Administrator has full control over who can access your enterprise data. The Lazsa Platform uses role-based access control (RBAC) to manage access and authorization for users across various Lazsa objects and processes. Lazsa provides predefined roles that come with a set of default permissions to perform certain actions in Lazsa. Additionally, the Lazsa Administrator can create custom roles, grant permissions to custom roles, and assign roles to users.
You can choose whether you want Lazsa to manage tool credentials for you, or whether you want to manage them in your own secrets management tool.
- If you choose the first option, your credentials are securely stored in the Lazsa Platform by using the best secrets management tools.
- If you have a secrets management tool installed in your environment, Lazsa securely connects with it to consume credentials in an encrypted format. Lazsa supports all the industry-leading secrets management tools like CyberArk, AWS Secrets Manager, and Azure Key Vault, among others.
Of course. The Lazsa Orchestrator Agent service is a safe, secure, and lightweight connector that resides within your environment. The Lazsa Orchestrator Agent is responsible for a secure handshake between Lazsa services (in your public network) and your secrets management tool deployed in your cloud environment. So, whenever the Lazsa Platform needs to call any application or tool in your environment, the Lazsa Orchestrator Agent connects with your secrets management tool, retrieves credentials in an encrypted format, and shares them with the Lazsa Platform. Lazsa uses these credentials to log on to the required application and proceeds with the next steps in the workflow.
Encryption
Sensitive information like PII and PHI is stored securely and user access to data is fully controlled in the Lazsa Platform. To provide desired functionalities to customers and to ensure the best user experience, Calibo needs to collect, store, and process the following data on Lazsa:
- User's first name and last name
- Business email address
- Company name
- Country
- Job title
- Phone number
Calibo interprets this data as personally identifiable information (PII) and takes its protection seriously. As a non-negotiable component of PII protection, Calibo uses the AES-256 algorithm and disk encryption. Calibo does not use any of your sensitive information for Calibo’s own business needs.
All collaborators must be given access through roles and permissions by the Lazsa Administrator. Access to sensitive data can be restricted through such controlled access.
Our Role-Based Access Control (RBAC) is a testimony to our Zero Trust Approach.
Data Residency
If you choose the Calibo-managed PaaS offering, we host and store your data in an industry-best public cloud along with Lazsa services. We use the services of the underlying cloud platform to securely store data and back it up. We use the disaster recovery mechanisms (like data mirroring to different geographical locations) of the underlying public cloud platform to ensure continuous availability.
Each customer gets a dedicated set of Lazsa services and data services. This means your data is fully private to you. It is never shared with other Calibo customers.
If Calibo manages your cloud account, Calibo ensures regular data backups.
Monitoring and Compliance
We continuously monitor the health status of the platform workflows through security assessments and automated compliance monitoring. Continuous automated detection of misconfigurations or potential vulnerabilities allows us to take remediation measures quickly on an ongoing basis.
The Calibo Information Security and Data Privacy Policy has been defined to ensure the highest level of information systems security. The platform infrastructure is ISO-compliant. The data security and privacy norms are aligned with industry best practices.
End-to-end security is infused in each phase of your PDLC. During development, we make sure the source code is secure. None of the third-party components carries any vulnerabilities. After we deploy the build, we employ best-in-class monitoring and security tools to continuously assess the health status of the deployment.
Yes. We are compliant with the latest industry standards.