Security

At Legado, the security of platform data is our highest priority.

Security from the start

We designed the Legado platform from the ground up to provide world-class, frictionless security, so you protect your most valuable data.

That’s why fundamental controls, including infrastructure hosting choice, identity and access management and data security, are built right into the core of our platform.

Strong identity and
access management

Manage user access seamlessly with multi-factor authentication (MFA) tools that give your users options for receiving MFA codes, including TOTP, SMS, and email.

Integrations with single sign-on (SSO) providers streamline verification across applications. Flexible tools for admins include granular password controls and configurable session timeouts.

Built-in content
protection

Encrypting data is essential to a zero-trust security strategy. Our core security leverages TLS 1.2 encryption for strong encryption in-transit and 256-bit AES encryption for data at rest.

For even more control, Legado platform has a custom cryptographic service which is applied automatically to data prior to Microsoft encryption.

Procedures, Protocols
and Techniques

The principle of least privilege is applied throughout the organisation. This is the limiting of access to the minimal level that will allow normal functioning.

Regular penetration tests are carried out to ensure that the system is protected against vulnerabilities, and we use best practices and open standards to ensure that we protect against common attack vectors. Legado is ISO27001 certified, which includes a comprehensive risk tracker across the company.

Secure sharing and
collaboration

Your sensitive data stays secure as you interact with users within your business and with customers outside. Legado has advanced controls on who can access shared links with expiration options.

Even better, collaboration security can be applied at user, file, and folder levels. It’s the perfect balance of flexibility and regulation, built for precise information rights management.

Working with you

Legado complements your existing tech stack, integrating easily with best-of-breed security tools and identity providers you already have in place for a seamless authentication experience.

Achieve comprehensive, zero-trust security across devices and quick deployment by integrating Legado with your EMM and mobile device management (MDM) platform. Plus, integrate events with your event management (SIEM), and cloud access security broker (CASB) for a unified view.

null

User

  • Strong and adaptive authentication (including SS0 and MFA).
  • Password controls.
  • Flexible identity lifecycle management.
null

Encryption

  • AES 256-bit encryption which includes Data Centre encryption and Client-side encryption.
  • FIP 140-2 certified.
  • Key vault with customer managed keys.
null

Reporting

  • Centralised audit logs.
  • Historical reporting.
  • Flexible integrations.
null

Global infrastructure

  • Choose the location of your data-centre.
  • Establish Geo-replicated backups.
null

Data loss prevention

  • User behaviour analytics.
  • Access policy integration.
  • ISO27001 compliant.
  • Context-aware detection & dynamic controls.
  • Automated mitigation.
null

Endpoint

  • IP allow-lists.
  • Device security integrations.

Global leaders trust Legado with their most sensitive data