Security & Compliance

Security & Compliance

Our clients entrust us with their #1 asset — their data.

This is why trust, privacy and information security are core to our business.



In a management climate where good business decisions are either data-driven or lucky, companies are partnering with Lexer to capitalise on their data’s potential. Often this involves sharing sensitive data which should be protected by a series of rigorous controls and audits.
Lexer confidently meets and exceeds these requirements. We maintain several security, risk and compliance initiatives, including ISO 27001:2013 certification; routine audits on our software, infrastructure and business process; and expansive ISMS and Privacy Policies.
We also leverage independent third parties to help us strengthen our security. This includes periodic network scans, continuous host scans, penetration testing and security control audits. Ensuring we have the proper tools and processes to protect the privacy and safety of our clients is our priority.





A comprehensive security framework.

Our Information Security Management Systems (ISMS) policy defines all client data as restricted information and explains in detail how we protect it through a series of controls primarily outlined by ISO27001:2013.

We work with our clients to ensure the ISMS satisfies their data governance needs.

A copy of our ISMS policy is available on request.

  • Data encrypted in transit and at rest
  • Stored in secure facility
  • Access granted to appropriate personnel
  • Building on best practice security operation




Audit & Certification

Maintaining best-in-class security certifications.

Understanding the importance of information security in today’s data environment, Lexer is both SOC 2 audited and ISO 27001:2013 certified.

We are committed to ensuring our ISMS policy continues to meet and exceed the requirements of ISO 27001:2013.

Documentation of our certification is available on request.

  • SOC 2 audit
  • ISO/IEC 271001:2013 Compliant
  • Routine internal audits
  • Combining our ISMS and operational security




Dashboard Security

The latest in web and browser security.

We employ many web development best practices to ensure our clients data and usage is protected. From security systems such as Encrypted Connections (HTTPS), Two-factor authentication and a comprehensive audit log of all activity.

Built and tested upon the best practices outlined in OWASP Top 10 and CWE/SANS 25, our dashboard is under many continuous and routine tests and audits to ensure the highest of security.

  • Two-factor authentication
  • Strong password validation
  • Tested against OWASP 10, CWE/SANS 25
  • Continuous testing and validation





Proud to maintain a 99.9% uptime.

The design and development of our Action Cloud is geared toward ensuring our clients can enjoy the greatest possible uptime.

This commitment also manifests in the relationships we cultivate with key web service providers.

  • 99.9% uptime
  • Relationships with key hosting partners




Vulnerability Management

A security environment subject to rigorous, continuous testing.

Lexer undergoes regular self-run and third-party penetration tests of each aspect of our security environment, while delivering a best practice Patch Management program and the latest in cloud network and system security.

We invite our clients to schedule audits on our infrastructure and setup as required.

  • Best practice Patch Management
  • Routine penetration tests
  • Internal and third-party audits



Get in touch

Learn more about how we protect your data by getting in contact.

Get in contact