Security


You can sleep well knowing that your data is safe. Lightpost has been built with this in mind from day one.
Outlined below are just some of the ways that your data is protected.

  Servers & Hosting

How we host our technology

  • Hosting infrastructure runs primarily on private servers at Latitude and Linode as our primary hosting providers, and Digital Ocean as our off-site backup.

  • Extensive logs and metrics are kept regarding activity that happens on Lightpost servers.

  • Servers are only accessible via an SSH connection via specific IP addresses. SFTP and other access is disabled.

  • Two-factor authentication is enabled for all third party services related to Lightpost.

  Lightpost Application

What powers Lightpost

  • Lightpost web applications and services are a SaaS platform built on an industry leading web framework: Laravel.

  • The Lightpost mobile application is built with React Native using Expo.

  • The framework and application dependencies are continually kept up to date.

  • All database calls are sanitized before execution.

  • CSRF tokens are utilized to prevent cross site request forgeries in our web applications.

  • All application errors and warnings are logged into a bug tracker for detailed analysis.

  Encryption

How data is secured

  • All Lightpost web and mobile applications transmit data over encrypted, TLS-enabled connections (HTTPS).

  • Passwords are stored using the one-way, bcrypt hashing method. Passwords can never be seen or retrieved, even if you wanted to.

  • Specific information identified as sensitive in our database is encrypted at rest.

  Backups

We employ several methods for data backup to make sure your data is never lost and our backups are never old.

How data is stored

  • The Lightpost database employs encrypted, streaming replication to a secondary off-site location.

  • We take takes daily, weekly and monthly off-site backups of the database.

  • The secondary database takes daily, weekly and monthly backups, and stores these remotely at an off-site location.

  • Backup and replication processes are automatically and continually monitored. Priority alerts are triggered if replication or backups fail.

Want more details? I'd love to chat! Reach out for more information.

© 2025 Tiny Bit Farm LLC® All rights reserved.

lightpost-prod - 0.030s