Lumio Technologies software teams undergo regular security awareness training and have a continual threat modelling system in place for the software.
Regular penetration tests are carried out to ensure that the system is protected against vulnerabilities and we use best practices and open standards to ensure that we protect against common attack vectors. Notably, we use the OAuth 2.0 and OpenID Connect standards to enable token based authorisation for all our internal services, ensuring that we don’t rely on perimeter security alone.
Access to the live system is available only to a small number of people. Any access is done via secure channels.