Security practices

Last updated: July 1, 2023
We take the security of your data seriously at Lido. If you have additional questions regarding security, we are happy to answer them. Please write to security@trylido.com and we will respond as quickly as we can. This Security Practices page describes the technical, administrative, and physical controls applicable at Lido.

Hosting, Architecture, and configurations

Cloud-Based Services

The cloud-based Lido services are operated on a multitenant architecture at both the platform and infrastructure layers that is designed to segregate and restrict access to any applications, workflows or processes you and your users build using the Lido services (each, a “Custom App” or spreadsheet). This infrastructure is provided and hosted by Google Cloud Platform (“GCP”). Information about security provided by GCP is available from the Google Cloud Platform website. Information about security and privacy-related audits and certifications received by GCP, including information on SOC reports, is available from the GCP Compliance website.

Database, Query and Workflow Configurations

When using Lido’s cloud-based services, you and your users may submit data and content to your Custom Apps (“Customer Data”), for example by querying a database or automating a workflow. You have the option to build and use Custom Apps without workflows and/or without connecting them to any database, or alternatively, you have the ability to connect Custom Apps to your own databases or databases hosted by third parties.

Storage of Customer Data

When you build a Lido spreadsheet (“Custom App”) and only store data in that spreadsheet, Lido stores Customer Data using infrastructure provided by GCP. When you instead connect a Lido spreadsheet to your own database or data resource or that of a third party, Lido does not store Customer Data but rather proxies requests to that database and applies the credentials server-side. The Lido services are architected this way because having the end user's browser connect directly to the database would require you to provision every user individually, rather than just the Lido server, and would potentially expose credentials.

Confidentiality and security controls

Confidentiality

Lido places strict controls over its employees’ access to Custom Apps and any associated Customer Data. The operation of the Lido services requires that some employees have access to the systems which store or process this information and data. For example, in order to diagnose a problem you are having with the Lido services, we may need to access your account. These employees are prohibited from using these permissions to view Customer Data unless it is necessary to do so.

All of our employees and contract personnel are bound to our policies regarding confidentiality and we treat these issues as matters of the highest importance within our company.

Protection of Customer Data

While the protection of Customer Data is a joint responsibility between you and Lido, Lido will implement and maintain appropriate technical and organizational measures designed to protect your Customer Data against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure when stored or processed using the Lido services. The Lido services have a number of security controls, including but not limited to:
  • Access Management. Lido can remotely disable users authenticated to the Lido services, on demand. Contact us for support questions.
  • Host Management. Lido uses a modern approach of immutable infrastructure. Lido deploys using immutable containers that are kept up to date by destroying and recreating them on a regular basis, and promptly triages or remediates any findings that present a risk to our environment. We enforce screen lock-outs and the use of full disk encryption for company laptops.
  • Product security practices. New features, significant functionality, and design changes go through a security review process facilitated by the engineering team. In addition, our code is audited with automated static analysis software, tested, and manually peer-reviewed prior to being deployed to production.
  • Network Protection. We use sophisticated system monitoring and logging. We have implemented two-factor authentication for all server access across our production environment. Firewalls are configured according to industry best practices, using GCP security groups, network segmentation, and flow logging.

Data Encryption

The Lido services use industry-accepted encryption products to protect Customer Data during transmissions between your network and the Lido services, and when at rest. The Lido services support the latest recommended secure cipher suites and protocols to encrypt all traffic in transit. Lido monitors the changing cryptographic landscape closely and works promptly to upgrade the service to respond to new cryptographic weaknesses as they are discovered and implement best practices as they evolve. For encryption in transit, Lido does this while also balancing the need for compatibility with older data sources.

Reliability, Backup, and Business Continuity

Lido is committed to making the Lido services a highly available service that you can rely on. The infrastructure Lido uses for delivering the services runs on systems that are fault-tolerant to failures of individual servers or even entire data centers. Lido’s operations team tests disaster recovery measures regularly and has a 24-hour on-call team to quickly resolve unexpected incidents. Lido performs regular backups, facilitates rollbacks of software and system changes when necessary, and replicates data as needed.

Customer Data, when stored by Lido, is stored redundantly using multiple GCP availability zones. Lido has well-tested backup and restoration procedures which allow recovery from a major disaster. Customer Data, Custom Apps and our source code are automatically backed up every night and stored for seven days. The operations team is alerted in the event of a failure in this system. Backups are stored for seven days in the event of a catastrophic failure and fully tested at least every 90 days to confirm that Lido’s processes and tools work as expected.

Deletion of Custom Apps and Customer Data

The Lido services provide the option for users to delete Custom Apps and all associated Customer Data stored by Lido at any time during a subscription term. Within 24 hours of user-initiated deletion, Lido hard deletes all Custom Apps and Customer Data from currently running production systems. Lido-maintained backups of services and data are destroyed within 30 days (backups are destroyed within 90 days, except that during an ongoing investigation of an incident such period may be temporarily extended).