IP Protection and Data Security

Clients Speak

«Luxoft's new ISO security certification and its use of top industry-standard security controls is of tremendous value. Luxoft’s track record and commitment to compliance is an important basis for our relationship.»

Tom Jarosh,
VP Operations,
IBM Systems and Technology Group

Thought Leadership

Ivan Gavrilyuk, CIO of Luxoft, investigates the issues surrounding data security in outsourcing arrangements.

Read more...
Luxoft’s solid infrastructure creates a transparent and unified development environment across all delivery locations.

General Security

  • Information security management system and information security policies are based on the ISO/IEC 27001:2005 (BS7799 Part 2:2002) security standard. Luxoft was certified on this standard in April, 2006 by Lloyd's Register Quality Assurance (LRQA)
  • Reservation and failover configurations for critical points (servers, network switches, routers, firewalls)
  • Strong procedures for maintaining access lists and passwords, including their expiration control and scheduled change
  • Personnel access restrictions and procedure management
  • Antiviral protection
  • Change management
  • Monitoring/logging of information access
  • Monitoring of informational/network services availability
  • Removable media controls

Network Security

  • Full physical and logical segregation of information and service networks
  • Cisco VLAN traffic separation
  • Cisco PIX firewalls with IDS at all external entry points into the site
  • Strong ACL policies
  • Encryption of data feeds between Customer and Vendor using VPN or/and dedicated channels
  • Unified center of LAN monitoring, managing and administering

Infrastructure

  • Structured cable system (SCS) in all company buildings based on products of Legrand, Molex and Retall with optical uplinks
  • CISCO active network equipment (Cisco 4500, 3500, 3700 series switches at core and distribution levels; Cisco 1700, 1800, 2600, 2800 series routers)
  • Dynamic routing protocols (OSPF or EIGRP, depend on Customer requirements)
  • 100/1000 Mbit switched Ethernet (Fast Ethernet, Gigabit Ethernet) and Fiber Optical LAN technology
  • Dell Power Edge series servers are used as a standard of server hardware
  • Scalability (minimum 2 times growth availability)

On-premises security

  • Luxoft Development Centers are located in dedicated physically secured, customer-approved areas
  • Security guards monitoring and 24x7 video surveillance
  • Electronic motion sensors, mantrap controlled entrance and exit
  • Security breach alarm, coded door locks and PIN cards

Disaster Recovery and Business Continuity

  • Disaster recovery and business continuity plans could be developed and tested on customer request

Want to learn more?

Contact us