Security

Level Access considers security a permission-to-play value and embeds information security best practice throughout our products and operations. Our Information Security Policy captures this intention and direction from our highest level of management. 

ISO 27001

Our industry-leading hosted software platform, and its supporting operations are ISO 27001 certified, giving customers the peace of mind the assets and services are protected. Our Security Statement gives an overview of the controls we have in place. If you would like a copy of our certificate, please email infosec@levelaccess.com.

Business Continuity and Disaster Recovery

Keeping information confidential and free from destruction is one thing, but you need to know our services will be there when you need them. To ensure this we leverage AWS’s world-class infrastructure to provide the highest level of resilience on the underlying infrastructure. We have built our services and processes on top of that infrastructure to recover and self-heal, guaranteeing we meet both your needs and exceed our SLA. Our Platform Resilience Statement describes our technical continuity and recovery strategies we put in place from Business Continuity Planning and testing exercises to meet these needs.

External Penetration Testing

New vulnerabilities are being discovered every day and all modern software has dependencies. This is why we put together a robust Vulnerability Management Policy and security testing program to ensure we monitor and respond to vulnerabilities as quickly as possible. Our Vulnerability Management Policy is itself internal-only, however, to provide assurance to customers, other interested parties and to ourselves, we run an annual third-party penetration test against the platform to test that our Policy and Program are performing as expected. Please email infosec@levelaccess.com for a copy of the latest attestation report. 

Access.JS Whitepaper

As the leaders at the vanguard of digital accessibility, we develop cutting-edge technologies to help our customers find and fix issues. One such product to help with this is our Access.JS tag library. Tags can bring risk if unmanaged and security-aware teams are right to be cautious about deploying new tags on their websites. To help your teams assess our Access.JS tag library and gain confidence that it does only what it says on the box we have written a whitepaper. Please contact infosec@levelaccess.com for a copy.