Our system maintains detailed access logs and audit trails. These logs record user activities, providing a clear record of who accessed what data and when. Regular reviews of these logs help identify anomalies and potential security breaches.
We take data security seriously and partner with trusted data center providers that adhere to industry best practices and rigorous physical security protocols.
The LeadsOnline datacenters are Tier-1 datacenters based in Texas. These facilities are equipped with a comprehensive set of physical security measures to ensure protection against unauthorized access.
The LeadsOnline Nighthawk product data is stored in AWS GovCloud datacenters. AWS has implemented thorough physical security controls to prevent unauthorized access.
LeadsOnline has made multi-factor authentication (MFA) available for use on client accounts. Our MFA feature is available on either an agency-wide basis, or individual users can request to enable it for added security.
When MFA is enabled, users will be required to provide an additional verification code sent to their registered cell phone number when logging in from an unknown IP address. Additional security settings may also be customized on an agency-wide basis.
This two-step verification process allows for an extra layer of protection for user accounts, thereby reducing the risk of unauthorized access even if login credentials are compromised.
We implement RBAC, which means that users are assigned specific roles within the system based on their job responsibilities and requirements. Each role is associated with predefined permissions and access rights, allowing users to perform their tasks without unnecessary access to sensitive data.
For internal access, our RBAC system is designed to ensure that our employees have access only to the information and tools necessary for their job functions, minimizing the risk of internal data breaches and unauthorized access.
LeadsOnline supports Single Sign-On (SSO) for our platform. Our SSO solution allows users to access our platform using their existing credentials from trusted Identity Providers (IdPs). Users within an organization's SSO environment can seamlessly access our platform without the need for separate login credentials.
