Trust Center
At LeaseQuery, we realize that security and reliability are very important to our clients.
Our clients trust us with their data and we take this responsibility very seriously. Ensuring the security of our clients’ data, and the systems and applications that store this data, is a top priority for us.
LeaseQuery welcomes any and all security community support to further protect our systems and customers. Please use the following form to register a security-related question or concern.
CATEGORY
TOPIC
DETAILS
Accessibility
Accessibility
LeaseQuery is committed to making our software applications and websites accessible to people with all levels of ability.
We are constantly working towards improving our user experience to ensure we provide equal access to all of our users. As such, our efforts are guided by the Web Content Accessibility Guidelines (WCAG), which defines requirements for designers and developers to improve accessibility for people with disabilities.
If you have any questions regarding our applications, contact us at
1-800-880-7270 or customersupport@leasequery.com for assistance and feedback.
Asset Security
Baselines
LeaseQuery leverages baselines to ensure compliance, stability, and security. This includes code repositories and version control, hardened/golden images, enforced user and system policies, performance and stability metrics/reporting, and more–with logging and alerting to capture changes.
Hardening Standards
Availability and Reliability
Change Management
Availability and Reliability
Code Review
Availability and Reliability
Segregation of Environments
Business Continuity
Backups
Business Continuity
Business Continuity
Business Continuity
Disaster Recovery
Compliance
CCPA
LeaseQuery is compliant with the California Consumer Privacy Act (the “CCPA”). California residents may have additional privacy rights under the CCPA. For more information, please see LeaseQuery’s Privacy Statement.
Compliance
GDPR
Compliance
Hardware
- Huawei Technologies Company
- ZTE Corporation
- Hytera Communications Corporation
- Hangzhou Hikvision Digital Technology Company
- Dahua Technology Company
Compliance
HIPAA
Compliance
SOC
LeaseQuery is audited and receives a SOC I Type II report, as defined by the American Institute of Certified Public Accountants, twice per year from a Big 4 accounting firm. LeaseQuery’s SOC reports are available to all customers and by request for prospective customers. More information can be provided by contacting: complianceinfo@leasequery.com
Data Security
Data Classification
Data Security
Data Encryption At-Rest
Data Security
Data Privacy
The personal data LeaseQuery needs to provide its service is limited to the names and business contact information of its users, as well as logfiles reflecting usage of the solution. If LeaseQuery customers choose to upload their contracts to LeaseQuery’s solution, those contracts may include names and business contact information relating to the lease counterparties and any individuals identified by such leases (e.g., an individual identified as a point of contact for receiving notices under the lease). Sensitive personal information is not permitted to be uploaded to LeaseQuery’s solution.
Please see LeaseQuery’s data privacy statement for more information.
Data Security
Data Retention and Disposition
Our subscription agreement requires us to retain your data for at least 90 days after the termination or expiration of your subscription agreement (coinciding with your quarterly reporting cycle) to ensure you have sufficient opportunity to retrieve your data; however, you can also always request the exportation of your data during the term of the subscription or within 90 days thereafter.
Data Security
Digital Certificates
Data Security
Data Encryption In-Transit
Data Security
Non-disclosure agreements
Data Security
Secrets Management
Data Security
Password
Identification, Authentication, Authorization, Auditing, and Accountability
Access Control
For customer-facing solutions, LeaseQuery maintains formally defined external user types, with varying access rights and privileges based on the role of the user.
Identification, Authentication, Authorization, Auditing, and Accountability
Identification
Identification, Authentication, Authorization, Auditing, and Accountability
Job Roles
Identification, Authentication, Authorization, Auditing, and Accountability
Passwords
Identification, Authentication, Authorization, Auditing, and Accountability
Single-Sign On (SSO)
Incident Management and Response
Incident Response Plan
Incident Management and Response
Monitoring and Logging
Infrastructure
Data Center
- AWS datacenter compliance controls: https://aws.amazon.com/compliance/data-center/controls/
- AWS datacenter SOC reports: https://aws.amazon.com/compliance/soc-faqs
Infrastructure
Physical Security
Infrastructure
Cloud Hosting
LeaseQuery solutions are hosted within Amazon Web Service’s (AWS) data centers and only leverage US-based regions/data centers. For more detail regarding AWS data center security, see: https://aws.amazon.com/compliance/data-center/data-centers/
Organizational Security
Acceptable Use
Organizational Security
Central Contact
LeaseQuery’s Chief Information Security Officer (CISO) is responsible for developing and enforcing information security policies.
Organizational Security
Contractor Usage
Organizational Security
Employee Background Checks
Organizational Security
Employee Status Change
Organizational Security
Personnel Security
Organizational Security
Security Program
Organizational Security
Secure Remote Access
Organizational Security
Separation of Duties
Organizational Security
Training and Awareness
Operational Security
Asset Management
Operational Security
Procurement
Threat and Vulnerability Management
Antivirus Antimalware
Threat and Vulnerability Management
Threat and Vulnerability Management
Penetration Testing
Threat and Vulnerability Management
Responsible Disclosure
LeaseQuery understands that the disclosure of vulnerabilities helps ensure protection and privacy across the internet. LeaseQuery maintains policies and procedures governing the responsible disclosure of known vulnerabilities which present material risk to LeaseQuery customers or partners.
Threat and Vulnerability Management
Risk Mitigation
LeaseQuery engages in ongoing risk analysis and reporting primarily through a cadence of frequent and regularly scheduled meetings with the Chief Information Security Officer and executive management, including the Chief Executive Officer. The Chief Information Security Officer also maintains contact with security forums and other notification agencies to help identify threats and vulnerabilities.
Threat and Vulnerability Management
Vulnerability Management