Security Features for Account Users & Administrators
Access and Audit Logging
Detailed access logs are available both to Account
owners and Account administrators and are provided
on demand. We log every time a user signs in, noting
the type of device used and the IP address of the
Deletion of Customer Data
Leanbe provides the option for Account owners to
delete their data at any time. Within 48 hours of
Account owner initiated deletion, Leanbe hard
deletes the information from currently-running
production systems. Leanbe database backups are
destroyed within 7 days.
Data Encryption in Transit and At Rest
Leanbe supports the latest recommended secure
cipher suites and protocols to encrypt all traffic
We monitor the changing cryptographic landscape
closely and work promptly to upgrade the service to
respond to new cryptographic weaknesses as they are
discovered and implement best practices as they
evolve. For encryption in transit, we do this while
also balancing the need for compatibility for older
We understand that you rely on Leanbe to work.
We’re committed to making Leanbe a highly-available
service that you can count on. Most of our
infrastructure runs on systems that are fault
tolerant, for failures of individual services. Our
operations team tests disaster-recovery measures
regularly and staffs an around-the-clock on-call
team to quickly resolve unexpected incidents.
Leanbe’s database is stored redundantly at multiple
locations in our hosting provider’s data centers to
ensure availability. We have well-tested backup and
restoration procedures, which allow recovery from a
major disaster. Leanbe Service’s database is
automatically backed up nightly. The SRE team is
alerted in case of a failure with this system.
In addition to sophisticated system monitoring and
logging, we have implemented two-factor
authentication for all server access across our
production environment. Firewalls are configured
according to industry best practices and unnecessary
ports are blocked.
We perform automated vulnerability scans on our
production hosts and remediate any findings that
present a risk to our environment. Host setup is
automated, and the setup scripts are tested to avoid
human errors during setup.
Leanbe utilizes multiple logging systems in its
production environment which contains information
pertaining to security, monitoring, availability,
access, and other metrics about Leanbe Service.
These logs are analyzed for security events via
automated monitoring software, overseen by the
Incident Management & Response
In the event of a security breach, Leanbe team will promptly notify you of any unauthorized access to your data. Leanbe has incident management policies and procedures in place to handle such an event.