How Lucid secures customer data

Jonathan Snow

Reading time: about 4 min

Topics:

  • Behind The Scenes

When a company chooses to use Software as a Service (SaaS), the convenience of the application is often one of the main drivers. However, the company must also ensure that the SaaS provider protects its customers’ data. In the security world, we often describe system security with three terms: Confidentiality, Integrity, and Availability. This is often referred to as the CIA Triad, or just CIA. Each of these properties is distinct, but they are also tied together.

Confidentiality ensures only the appropriate individuals can access data. 

Integrity ensures that data is not changed when it should not be changed. This covers both deliberate, malicious modification and inadvertent changes.

Availability ensures that the data is accessible to the right individuals when it needs to be available to them. 

Looking at the CIA Triad, we can see that focusing exclusively on one property can come at the expense of the others. For example, if we focus on integrity to ensure the data is never changed, we might consider putting the data in a secure vault (electronic or physical). But if we do this, the data would not be readily available to the appropriate individuals when they need it, if it is available to them at all.

Like any SaaS company, Lucid Software’s customers have data stored on our application’s servers. Securing our customers’ data is of the utmost importance, and we use several methods to secure customer data. 

How Lucid protects customer data

Encryption

Encrypting data lets the user send information to and receive information from the application securely, without an unapproved party being able to read it. This is data in transit, and it includes information such as login credentials and images used in documents.

Lucid ensures all of our users’ connections use HTTPS. Data at rest (data stored on the server or database) is also encrypted, using database-level encryption and full-disk encryption on our servers and workstations. As an additional security measure, we offer Enhanced Privacy (Strict Privacy and Lucid KMS), which prevents our teams from accessing customer data and documents.

Authentication

As mentioned above, all Lucid user connections use HTTPS, so username and password information is sent securely from the user to our servers. On our side, passwords are salted and then hashed, and they are not visible to Lucid employees.
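To illustrate the salt-then-hash scheme described above, here is an added example (not Lucid’s code; the PBKDF2 parameters and record format are assumptions chosen for illustration) that stores a per-user random salt alongside an iterated hash and verifies a login attempt with a constant-time comparison:

```python
import hashlib
import hmac
import os

# Illustrative parameters (assumptions for this example, not Lucid's actual settings).
HASH_NAME = "sha256"
ITERATIONS = 600_000   # slow, iterated KDF so brute force is expensive
SALT_BYTES = 16


def hash_password(password: str, salt: bytes = b"") -> str:
    """Return a storable record: "pbkdf2_<hash>$<iterations>$<salt_hex>$<digest_hex>".

    A fresh random salt is drawn per user, so two accounts with the same
    password produce different records and precomputed tables are useless.
    """
    if not salt:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac(HASH_NAME, password.encode("utf-8"), salt, ITERATIONS)
    return f"pbkdf2_{HASH_NAME}${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the hash with the stored salt and iteration count, then
    compare in constant time so timing does not leak how many bytes matched."""
    try:
        scheme, iterations, salt_hex, digest_hex = record.split("$")
        if not scheme.startswith("pbkdf2_"):
            return False
        algo = scheme[len("pbkdf2_"):]
        expected = bytes.fromhex(digest_hex)
        candidate = hashlib.pbkdf2_hmac(
            algo, password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
        )
    except (ValueError, TypeError):
        # Malformed record: treat as a failed login rather than crashing.
        return False
    return hmac.compare_digest(candidate, expected)
```

Because the salt is embedded in the record, the stored value alone is enough to verify a login, and the plaintext password never needs to be kept.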

To give our customers additional control and security, we support Single Sign-On (SSO), which allows them to apply their own security measures. Lucid products support secure user authentication and authorization through any identity provider using SAML, including Google, Okta, OneLogin, Ping, ADFS, Centrify, and Shibboleth. We also integrate with any SCIM provider, including Okta, OneLogin, Azure, and more.

SOC 2 Type II Audit, Penetration Tests, and Vulnerability Scans

With security controls in place, it is important to have those controls tested and validated. Lucid conducts regular vulnerability scans and semiannual third-party penetration tests, and works with a third-party organization to audit our security controls.

Each of these scans, tests, and audits produces a report of any potential findings. While the security measures we have in place ensure we do well on these tests, we have additional processes established to review the findings and take appropriate action. This allows us to continuously improve our security measures and posture.

Amazon Web Services

Lucid uses the industry’s leading provider of secure computing infrastructure, Amazon Web Services (AWS), for our products and services. AWS has the highest security measures in place, which we leverage to further improve our own security for our products and services. AWS also has its own services audited and certified, including SOC 2 Type II and ISO 27001.

Enterprise Shield add-on

Lucid’s Enterprise customers can upgrade to the Enterprise Shield add-on to streamline processes for safeguarding sensitive data while adding elevated compliance controls to Lucid’s already highly secure platform.

With Enterprise Shield, admins have the ability to:

  • Automatically identify sensitive data, such as PII, in documents and use granular controls to dictate how to protect enterprise data.

  • Control exactly who gets access to data and add additional layers of protection to prevent any unauthorized access.

  • Enhance compliance by supporting legal discovery, compliance, and data governance needs with content lifecycle management.

These capabilities, combined with other Enterprise Shield features, give customers an enhanced layer of fortified security and control.

Conclusion

With Lucid providing SaaS products, we provide easy-to-use and accessible products while implementing stringent security measures so our customers can use our products with confidence. Click here to learn more about our security practices and certifications.

About Lucid

Lucid Software is a pioneer and leader in visual collaboration dedicated to helping teams build the future. With its products—Lucidchart, Lucidspark, and Lucidscale—teams are supported from ideation to execution and are empowered to align around a shared vision, clarify complexity, and collaborate visually, no matter where they are. Lucid is proud to serve top businesses around the world, including customers such as Google, GE, and NBC Universal, and 99% of the Fortune 500. Lucid partners with industry leaders, including Google, Atlassian, and Microsoft. Since its founding, Lucid has received numerous awards for its products, business, and workplace culture. For more information, visit lucid.co.

© 2024 Lucid Software Inc.