Blog
Recent
bg
Industry News

Compliance and LastPass

LastPassJuly 30, 2024
Compliance and LastPass

When it comes to security, trust is crucial. As threats evolve and new technology challenges emerge, LastPass remains unwavering in our commitment to security. 

That’s why we leverage our Trust Center to maintain open communication with you so that you can be confident in our product and company. Through the Trust Center, LastPass shares our investments in security, data encryption processes, organizational-level protocols, and more. Additionally, we provide visibility into our company and product security, down to our encryption standards and security team structure. You can vet our strategy and product architecture with the information provided, so that you can continue to feel confident in our ability to safeguard your data.  

We've built the LastPass Trust Center around four essential principles: Security, Privacy, Compliance, and Transparency. Let’s take a closer look at the Compliance principle and what that means for your data security.  

Compliance ensures we meet privacy rules and requirements for all locations and industries we serve. LastPass adheres to global privacy and security certification regulations. In addition, we leverage intensive internal and external reviews by experienced security professionals to confirm we meet or exceed industry best practices. 

LastPass certifications cover all aspects of security to provide comprehensive protection of customer data.  From intensive internal and external reviews and tests conducted by experienced security professionals to a regular assessment of industry standard practices, LastPass ensures we are always in compliance with the latest industry guidance. 

As part of the Trust Center, the Compliance Center is your central hub for accessing our compliance, security, and policies documents, including certificates for SOC 2, SOC 3, and ISO 27001. You can also view real-time status updates for each of our compliance controls within our monitoring dashboard. 

Powered by Drata, the leading security and compliance automation platform, the LastPass Compliance Center provides customers and partners seeking LastPass security assurance information with a continuously updated view of important system statuses.  

Anyone can now visit our Compliance Center and download our security policies and other assurance information such as SIG Lite, summaries of our penetration testing reports and other relevant information in an effort to both increase transparency about our program and support the building of trust with our customers and security industry at large. 

Our partnership with Drata also gives us a more structured way to share Compliance and Security Assurance documentation with our customers and prospects at large, with a process that is more efficient to our internal teams who used to process these manually. 

Further, our customers and prospective customers will now have a similar level of visibility into the health and coverage of our security controls as we ourselves have, serving as a driving force to ensure we are transparent in our approach to security, privacy and compliance and identifying and collaborating with internal stakeholders for any required resolutions. 

Since day one at LastPass, we've striven to go beyond industry expectations in our level of transparency with customers. Our goal is to be open and thorough with customers about how we prioritize and invest in the security of LastPass, at both the corporate and product architecture level. With the Trust Center we seek to meet our customers' security needs and set a new benchmark for how companies should communicate and build trust with their users.  

Learn more by heading to the LastPass Compliance Center.