Laserfiche Cloud supports single sign-on with Active Directory Federated Services (AD FS) and SAML Authentication with identity providers such as Okta and Azure Active Directory.
Laserfiche Cloud supports industry-standard password controls, such as password minimum length, complexity and history.
Laserfiche performs a vulnerability scan of backend servers that run in the Laserfiche Cloud hosting environment.
Laserfiche engages third-party vendors to conduct external penetration testing of the Laserfiche Cloud system.
Laserfiche Cloud utilizes host-based intrusion detection systems to reduce the risk of data theft by individuals or organizations attempting to gain unauthorized access.
Laserfiche Cloud’s firewall configuration settings are regularly reviewed based on industry standards.
Repository application auditing
Laserfiche Cloud supports auditing of both access and modification of objects in repositories.
Administrators can configure access rights and privileges to limit actions that users can perform across the repository based upon role assignments or group memberships.
Fine-grained access control
Administrators can use access rights to limit and control access to individual documents and objects. For example, security tags restrict access to documents on a document-by-document basis.
Repository audit log
The Laserfiche Cloud repository audit log includes details of user actions, including viewing, modifying, creating and deleting documents, and similar operations on metadata and other repository objects.
Laserfiche Cloud provides tenant isolation by logically segregating customer data between accounts. Customers do not have access to any other customer’s data or services.
Laserfiche uses AES-256 encryption to encrypt customer data. Connections over the Internet to Laserfiche Cloud are encrypted using HTTPS over TLS 1.2 or higher. Requests over unencrypted HTTP will be automatically redirected to the equivalent HTTPS endpoint.
Business Continuity and Disaster Recovery
Laserfiche Cloud is hosted in multiple regions. Regions consist of multiple availability zones that are comprised of multiple data centers. These data centers are housed in separate facilities with redundant power, networking and connectivity.