Keeping our platforms secure

Our technical teams recognize that security is an on-going and ever evolving challenge which is why we implement regular software updates and patches. LightRocket is also subject to frequent vulnerability scans and penetration testing, to ensure our systems are as secure as they can be. Book an appointment with our security specialist if you'd like to know more.

Keeping our platforms secure

User security & data protection

Authentication and Access

LightRocket offers multiple levels of security. These include; 2FA (two factor) authentication, SSO sign-on (single user sign on), email link validation and captcha verifications. All are designed to keep your system and data safe from unauthorized access or attacks.


Security isn't just a question of data, networks and servers. LightRocket is committed protecting and respecting the privacy of all its clients. The company adheres to GDPR standards ensuring that no personal data is collected without consent and data protection officers are available to remove personal data on request.

File & storage security

World Class Secure Storage

All our data is hosted on AWS, which is considered the gold standard for secure storage. Amazon data centers are designed for global latency and are protected by layers of physical security. Its S3 storage service is designed for 99.999999999% (11 9's) durability, and currently stores data for millions of customers around the world.

Always Backed Up

It goes without saying that your data is backed up. LightRocket creates disk snapshots and database backups to ensure rapid recovery if needed.

Malware protection

When it comes to malware, you can never be too cautious. LightRocket uses anti-malware software to scan all incoming files, ensuring your server is always protected. Our systems are regularly updated and patches are applied to block potential vulnerabilities.

Network & server security

Network Security

To ensure security across all our networks, we define tight Access Control Lists for accessing our networks, both internally and externally, and we use Virtual Private Clouds (VPCs) to isolate our clients' infrastructure within a region.

VPCs also guarantee that communication between different AWS endpoints stays private and never leaks to the public internet.

With tight IAM permissions we ensure that access to AWS resources are limited to scope permissions in AWS infrastructure for purpose-driven users.

WAF (Web Application Firewall) Protection

LightRocket has deployed WAF protection to add an extra layer of protection which filters incoming traffic and defends against sophisticated application attacks, and can help detect and mitigate DDoS attacks.


LightRocket ensures full encryption in transit (TLS 1.2, TLS 1.3). VPN technology is deployed to protect connections to our internal infrastructure. All S3 archive data is also encrypted at rest.

Network Monitoring

We have deployed industry standard technology which provides notifications of downtime, unexpected latency or packet loss in network routes. We receive alerts about SSL certificate events or changes in infrastructure configuration.

Interested in getting to know more?

Get in touch with us today to find out how we can help improve your digital asset management.

Subscribe to our newsletter

Sign up to get the latest DAM blog posts, industry trends, success stories, and more delivered straight to your inbox.