Secure architecture The LogicMonitor product was built by IT security experts. Automatic encryption of sensitive data, both in transit and at rest Strong user authentication controls, including both 2FA and SAML integration Fine-grained role-based access controls allow you to tailor access to your environment to fit your specific needs. Formal security software development lifecycle, with multiple stages of threat modeling and security testing Secure data collection The LogicMonitor Collectors you install within your operating environments are designed for optimum security. Collectors initiate only outbound communications to the LogicMonitor platform, secured with TLS encryption. Each Collector is mutually authenticated to your account using modern cryptographic techniques. Collectors maintain sensitive data only in-memory and have no inbound network ports vulnerable to attack. Secure operations LogicMonitor’s operational platform is protected with best-in-class security. Built on security-hardened Linux servers with perimeter and host-based intrusion prevention systems Multiple levels of redundancy are integrated throughout the service platform to ensure high availability. Operated out of top-tier data centers and AWS regions, all with best-of-breed physical security Secure practices We maintain and use all customer data in alignment with the EU General Data Protection Regulation (GDPR) requirements. Minimal incidental personal data is stored for alert delivery and audit logging purposes only. Device access credentials are encrypted and stored only in memory—never written to disk. Salted one-way hashes are stored in place of user passwords. Secure standards The LogicMonitor platform is subject to ongoing third-party validation to ensure the security, availability, and confidentiality of your data. Application penetration testing, conducted by professional security consultancies, ensures that our product remains hacker-proof. AICPA SOC 2 Type 2 audits validate the controls that provide for security, high availability, and data confidentiality. Certification to the ISO 27000 family of standards demonstrates our commitment to holistic information security management across the organization.