We’re experts at information security, and we do it right. Outsource your monitoring with confidence that your data is safe in our hands.
Security best-practices are baked into the fundamental architecture of both the LogicMonitor product and how LogicMonitor operates as an organization.
The short version: a one-page overview of LogicMonitor’s security stance.
The whole enchilada: a deep dive into LogicMonitor’s security controls.
SOC3 Audit Report
Don’t take our word for it. Have a look at our third-party audit that covers how we handle operational security.
Platform & Collector Security
The LogicMonitor Service is based upon two primary components: the LogicMonitor SaaS Platform and the LogicMonitor Collector. Each of these has numerous built-in security controls and protections.
To protect your data, the LogicMonitor Platform uses encryption both when data is transmitted across a network and when it is stored, so that only those who should see your data can reach it. Access to your account is secured with strong authentication using our built-in two-factor system or by integration with your SAML identity provider. Our IP Whitelisting feature further prevents unauthorized third parties from accessing your account. Once logged in, fine-grained access controls allow you to ensure each individual’s access is scoped according to the principle of least privilege.
The LogicMonitor Collectors you install within your operating environments have been specifically designed for high security. Upon installation, each Collector is uniquely keyed to a LogicMonitor account using modern cryptographic techniques. Because communication between the Collector and the LogicMonitor Platform takes place only over outbound HTTP over TLS, the Collector has no open listening ports, leaving it resistant to network-based attacks.
Built on these secure foundations, the LogicMonitor service is continually evolving. We employ a secure software development lifecycle as we develop and improve the service, including multiple stages of threat modeling and security testing from feature conception to release.
Operations & Organizational Security
The LogicMonitor service is built upon a high-availability, high-security operational stack. Our platform is built upon security-hardened Linux servers with intrusion prevention systems applied both at the host and network perimeter. Access to our production systems is secured by multiple layers of authentication and authorization, with rights based on the principle of least privilege.
Earning our customers’ trust is of paramount importance to LogicMonitor, so we’ve baked security practices into the whole organization. Employee background checks are completed as part of our hiring practices, and security awareness training is conducted on an ongoing basis to ensure that both customer and corporate data are handled with security front-of-mind.
Certification, Auditing, and Compliance
To demonstrate our commitment to the security and confidentiality of our customers' data, we have our organization-wide security practice validated by multiple third parties.
LogicMonitor undergoes annual certification against the ISO/IEC 27001:2013 and ISO/IEC 27017:2015 standards, which validate the comprehensiveness of our foundational information security program as well as the security of our cloud service operations. The ISO/IEC 27000 Standards are the most rigorous in the industry and underscore our commitment to protect customer data. Our information security program is also audited to the AICPA SOC2 (SSAE 18) Standard, which validates the operation of controls that provide for the security, confidentiality, and availability of our customers' data. These audit results, in the form of our SOC2/SOC3 reports and ISO 27000 certificates, are available for review by current and prospective customers.
We further validate the security of our service with annual penetration tests against our applications. LogicMonitor engages professional security consultancies to discover and exploit security defects in our product, and we provide them with our full source code to give them every advantage that a real attacker wouldn’t have. If the good guys can’t break our security even with a helping hand, surely the bad guys can’t. We can provide an attestation of our penetration testing engagements to prospective and current customers upon request.
LogicMonitor maintains a minimal amount of incidental personal data on our end users, which is used only for alert delivery and audit logging purposes. We maintain our customers’ personal data in alignment with the requirements prescribed by the EU General Data Protection Regulation (GDPR) and commit that we use this data only for its intended purpose.
What are the security impacts of running a LogicMonitor Collector in my network?
The Collector has been carefully designed with high security in mind. In operation, the Collector accepts no connections from your network and initiates only outbound connections: either within your LAN to the devices it has been assigned to monitor, or outbound to the LogicMonitor platform.
What level of access does the Collector have to the devices it monitors?
LogicMonitor’s best practices dictate that the Collector have the least possible privileges to gather instrumentation for any given device; most devices require only read-only access. Access configuration for each device is entirely within our customers’ control, and our documentation provides details on how to configure the minimum required rights.
How is data transmitted between the Collector and the LogicMonitor platform?
All communication between the Collector and LogicMonitor’s service platform takes place only over HTTPS, using TLS encryption with only strong cipher suites. Communication is always initiated by the Collector, so changes to your perimeter firewalls are typically not required. Further, the Collector authenticates the LogicMonitor platform using X.509 certificates to thwart man-in-the-middle attacks between itself and the platform.
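The answer above rests on two client-side properties: the Collector only ever dials out, and it refuses to talk to a platform endpoint whose X.509 certificate does not verify. The following is an added illustration (not LogicMonitor’s Collector code) of what those properties look like in a TLS client configuration, using Python’s standard `ssl` module. It puts a deliberately weak context next to a hardened one and adds a check a reviewer could run against any context before it is used; the function names are this example’s own.

```python
import ssl
from typing import Optional


def weak_client_context() -> ssl.SSLContext:
    """Anti-pattern: certificate verification switched off.

    Any middlebox on the path could present its own certificate and the
    client would accept it, so the 'outbound only' property buys nothing.
    check_hostname must be cleared before verify_mode, or ssl raises.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_client_context(ca_bundle: Optional[str] = None) -> ssl.SSLContext:
    """Outbound TLS client that authenticates the server it dials.

    ca_bundle is a hypothetical path to the CA certificate(s) the client
    trusts; None falls back to the system trust store. The server's
    certificate chain must validate against that store and its name must
    match the host being dialled, and anything below TLS 1.2 is refused.
    """
    ctx = ssl.create_default_context(cafile=ca_bundle)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def context_is_acceptable(ctx: ssl.SSLContext) -> bool:
    """Pre-flight check: refuse to use a context that cannot detect a MITM."""
    return (
        ctx.verify_mode == ssl.CERT_REQUIRED
        and bool(ctx.check_hostname)
        and ctx.minimum_version >= ssl.TLSVersion.TLSv1_2
    )


if __name__ == "__main__":
    print("weak context acceptable:", context_is_acceptable(weak_client_context()))
    print("hardened context acceptable:", context_is_acceptable(hardened_client_context()))
```

In use, the hardened context is handed to `ssl.SSLContext.wrap_socket(sock, server_hostname=host)` for an outbound connection the client itself opens; no listening socket is ever created, which is the property the answer describes. Running `context_is_acceptable` at startup turns a silent misconfiguration into a hard failure.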
What kind of device data does LogicMonitor collect and store?
There are two classes of information stored by LogicMonitor: device metadata (IP address, system type, SNMP community string, configuration data, etc.) and performance information (CPU load, disk utilization, request latency, etc.). All device metadata, including items that are not typically sensitive, is encrypted prior to storage. Less sensitive performance data is stored in a proprietary high-performance time-series database system.
What kind of personal information does LogicMonitor store?
The LogicMonitor platform stores only a minimal amount of personal information about our end-users. We need only an end-user's name, email address, and optionally a mobile number for those who opt to receive alerts via SMS. User passwords are not stored at all; instead we store salted one-way hashes. Alternatively, LogicMonitor supports SSO via any SAMLv2 Identity Provider such as Okta or ADFS.
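“Salted one-way hashes” packs three decisions into one phrase: a per-user random salt, a deliberately slow one-way function, and a comparison that does not leak timing. The example below is added here to make those concrete and is not LogicMonitor’s code; it uses PBKDF2-HMAC-SHA256 from Python’s standard library, a constructed iteration count, and a record format of this example’s own choosing.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed parameters for this example, not LogicMonitor settings.
ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 200_000      # slows down offline guessing of a leaked record
SALT_BYTES = 16           # random per user, so equal passwords hash differently
KEY_BYTES = 32


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a self-describing record: algorithm$iterations$salt_hex$hash_hex.

    The plaintext password is never stored; only this record is. The salt
    is generated fresh per call unless one is supplied (tests only).
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, ITERATIONS, dklen=KEY_BYTES
    )
    return f"{ALGORITHM}${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time.

    A malformed or foreign record is rejected rather than raising, so a
    corrupted row cannot turn into an authentication bypass or a crash.
    """
    try:
        algorithm, iterations, salt_hex, hash_hex = stored.split("$")
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(hash_hex)
        iterations = int(iterations)
    except ValueError:
        return False
    if algorithm != ALGORITHM or iterations < 1 or not salt or not expected:
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations, dklen=len(expected)
    )
    # hmac.compare_digest avoids leaking where the first mismatching byte is.
    return hmac.compare_digest(candidate, expected)


def same_password_hashes_differently(password: str) -> bool:
    """Two users with the same password must not share a stored record."""
    return hash_password(password) != hash_password(password)


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")  # constructed sample
    print(record)
    print("login ok:", verify_password("correct horse battery staple", record))
    print("wrong password:", verify_password("Tr0ub4dor&3", record))
```

The record carries its own algorithm and iteration count, which is what lets an operator raise the work factor later and re-hash users on their next successful login without a flag day.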
Who has access to your data?
Only your end-users can access your data, and our role-based access control system ensures you can tailor access as appropriate to your environment. Those with “Administrative” rights can add, delete, suspend, or change the access levels of other users in your account. Other access roles can be defined that limit what data can be viewed and/or changed. While our default configuration allows for access by LogicMonitor’s support engineers, this may be disabled at any time. Once disabled, you may elect to temporarily enable that account so we can log in to help you with a specific issue.
How is the LogicMonitor platform protected?
LogicMonitor operates our service platform out of professionally managed datacenters with the highest-grade security measures:
- SOC 2 Type 2 or ISO 27001 certified
- Servers housed in locked cabinets
- Ingress and egress secured with electronic key cards and biometric scans
- 24×7×365 high-resolution, motion-sensitive video surveillance
- Fully redundant power and cooling
- VESDA Fire-threat detection and suppression
What operational procedures do you have to protect data you've collected?
The LogicMonitor platform is subject to rigorous validation to ensure the security, availability, and confidentiality of our customers’ data. We undergo an annual third-party audit to demonstrate our compliance with SOC 2 Type 2 security principles. Further, we have a professional security consultancy conduct a source-code-assisted penetration test of our application on an annual basis. If the good guys, given every advantage, can’t successfully attack our platform, surely the bad guys can’t.