Security at Lighthouz AI
Freight brokers run mission-critical financial workflows on Lighthouz. We treat your data — invoices, BOLs, rate cons, and customer records — with enterprise-grade security from day one.
Encryption in transit & at rest
All traffic uses TLS 1.2+. Data at rest is encrypted with AES-256 on managed cloud infrastructure.
Authentication & SSO
SSO via Google and Microsoft. SAML SSO and SCIM provisioning available on enterprise plans.
Least-privilege access
Role-based access control internally and for customer tenants. Admin actions are audit-logged.
Hardened infrastructure
Hosted on top-tier cloud providers (AWS / GCP) with isolated tenants, private networking, and managed key rotation.
SOC 2-aligned controls
We operate against SOC 2 Type II control objectives. Report and DPA available under NDA on request.
Monitoring & logging
Continuous monitoring, centralized logging, and alerting on anomalous access or behavior.
Sub-processors & DPAs
Vetted sub-processors under written data processing agreements. List available on request.
Incident response
Documented incident response plan with customer notification commitments aligned to applicable law.
Reporting a vulnerability
We welcome reports from security researchers. Please email security@lighthouz.ai with details of the issue, steps to reproduce, and any proof-of-concept. We commit to acknowledging reports within 2 business days and will keep you informed as we investigate and remediate.
Compliance & documentation
SOC 2 Type II report, penetration test summary, security questionnaire responses, and DPA are available under NDA. Contact security@lighthouz.ai.