Home >> Applications >> Platform Overview >> State-of-the-Art Security

State-of-the-Art Security

LucidEra knows how important security is to our customers. Our on-demand business model enables us to devote significant resources to the development of a state-of-the-art, bulletproof security infrastructure to safeguard our customers' data and communications.

LucidEra has created a best-of-breed security infrastructure assembled from leading edge technologies proven to be the most secure for each function. All firewalls and encryption devices are sourced from leading Internet security providers, configured by expert professionals, and rigorously tested before being placed into production. LucidEra’s security has been audited by Symantec Corporation, AppSec (a leading security penetration testing firm), and certified by salesforce.com for publication on the AppExchange.

Because a solution is only as secure as its most vulnerable point, LucidEra implements a broad array of security measures at multiple locations throughout its architecture. Specific examples of our security measures include:

• Physical Security
  LucidEra's production equipment is located at the Equinix data center in Sunnyvale, California. Equinix data centers are SAS 70 certified and the location maintains 24-hour security.
• Perimeter Defense
  LucidEra secures the perimeters of both production and corporate networks with multiple firewalls. All production firewalls are managed by LucidEra Operations, which continually monitors firewall logs using an intrusion detection engine that scans for known attack patterns to identify potential vulnerabilities before they are breached.
• Data Encryption
  The strongest available encryption protects all LucidEra customer data transmitted over the Internet. An SSL certificate signed by authentication leader Thawte and the lock icon in the corner of the user's browser assures you that your data is fully shielded from access in transit. LucidEra leverages the strongest encryption currently supported by browsers, using a 1024-bit RSA public key and letting employees access data with 128-bit encryption from their browsers.
• User Authentication
  LucidEra customer data can be accessed only with a valid username and password combination, which is encrypted via SSL for Internet transmission to prevent theft. Users are automatically prevented from choosing weak or obvious passwords. Once a LucidEra session has been established, an encrypted session ID cookie that does not contain username or password information is used to identify the user. For added security, the session key is automatically scrambled and re-established in the background at regular intervals.
• Application Security
  Similar to multiple ATM machines accessing a centralized banking system, our robust application security model prevents one LucidEra customer from accessing another customer's data. This security model is reapplied and enforced for the entire duration of a user session.
• Internal Systems Security
  Within perimeter firewalls, LucidEra systems are safeguarded by a variety of security features including network address translation, port redirection, IP masquerading, non-routable IP addressing schemes, and other precautionary measures.
• Operating System Security
  LucidEra enforces tight operating system-level security by using a minimal number of access points to all production servers and protecting all operating system accounts with strong passwords; production servers do not share a master password database. All operating systems are maintained at each vendor's recommended patch levels for security.
• Database Security
  Access to production databases is limited to a minimal number of points; as with production servers, production databases do not share a master password database.
• Reliability and Backup
  In the event of a catastrophic event or failure, all customer data can be restored from the previous nightly backup. LucidEra further enhances our reliability measures by storing all customer data on mirrored disks.

Learn about IT Innovation, Not Infrastructure >>

Fill out our simple form and we'll reply promptly.