How is customer data protected?

Customer data is encrypted in transit with TLS and at rest using strong, industry-standard algorithms. Access is role-based and least-privilege, customer environments are logically isolated, and infrastructure is continuously monitored.

Who owns the data in LeanQubit?

The customer does. LeanQubit processes customer data only to deliver the service, does not sell it, and supports requests to export or delete data.

How does LeanQubit handle privacy regulations like GDPR?

We follow privacy-by-design principles — collecting only what is needed, defining clear retention, and supporting data-subject requests. Full detail is in our Privacy Policy.

How do I report a security vulnerability?

Email security@leanqubit.ai with enough detail to reproduce the issue. We support responsible disclosure, ask for a reasonable remediation window, and do not pursue good-faith research conducted under those terms.

Security & Compliance

Trust built intothe platform

LeanQubit connects OT and IT data into one operating picture — so security and compliance are core engineering, not add-ons. Layered controls, least-privilege access, and continuous monitoring protect customer data and industrial systems.

DefenseIn Depth

EncryptedIn Transit & At Rest

24/7Monitoring

Contact Security Read the Privacy Policy

DEFENSE IN DEPTH5 layers · 1 posture

SECURED

Infrastructure

Hardened cloud & network

Application

Secure SDLC & access control

Data

Encryption & isolation

Identity

Authentication & least privilege

Operations

Monitoring & response

Encrypt

In transit & at rest

Isolate

Per-tenant data

Monitor

Continuous

Defense-in-depth security model

Encryption in transit and at rest

Least-privilege, role-based access

Continuous monitoring and response

Our Approach

Security designed for the systems plants depend on.

LeanQubit connects OT and IT data into a single operating picture — so the platform touches some of the most sensitive systems in an industrial enterprise. We treat security and data protection as foundational engineering, not an afterthought.

Our practices follow a defense-in-depth model: layered controls across infrastructure, applications, data, identity, and operations, so no single failure exposes customer information.

We design and operate the platform to align with widely recognized security and privacy frameworks, and we work transparently with customers on the assurances their environments require.

Our Commitment

To protect customer data and industrial systems with layered controls, least-privilege access, and continuous monitoring — and to be transparent about how we do it.

ConfidentialAvailableResilientTransparent

Security Architecture

Layered controls across the whole stack.

LeanQubit applies controls at every layer so the platform stays protected even if one layer is challenged — a defense-in-depth model designed for industrial systems.

Layer 01 · Layer 01

Infrastructure Security

The platform runs on reputable cloud infrastructure with hardened networks, segmentation, and managed backups designed to protect availability and integrity.

Hardened cloudNetwork segmentationBackupsRecovery

The platform runs on reputable cloud infrastructure with hardened networks, segmentation, and managed backups designed to protect availability and integrity.

Hardened cloudNetwork segmentationBackupsRecovery

Security is built into our development lifecycle — code review, dependency scanning, and testing — so risks are addressed before changes reach production.

Secure SDLCCode reviewDependency scanningTesting

Customer data is encrypted in transit and at rest, with logical tenant isolation that keeps each customer’s data and workloads separate.

EncryptionTenant isolationKey managementRetention

Access is role-based and granted on a need-to-know basis. Production access is restricted, logged, and reviewed on a regular cadence.

Role-based accessLeast privilegeAccess reviewsAudit logging

Infrastructure and applications are continuously monitored, with incident response procedures to detect, contain, and communicate issues quickly.

MonitoringIncident responseAlertingCommunication

Compliance & Governance

How we approach compliance.

LeanQubit is an early-stage industrial software company. We are transparent about where we are today and the direction we are building toward.

Value for Framework alignment

"The platform is designed and operated to align with widely recognized security and privacy frameworks, including the principles behind ISO 27001 and SOC 2."

Talk to us

Key metrics

OEE uplift
avg across plants
0%
MTTR reduction
faster fault resolution
0%
Shift visibility
real-time coverage
0%

Data Protection

The practical controls behind the platform.

Concrete safeguards we apply across LeanQubit to keep customer data and industrial systems protected.

Encryption everywhere

Customer data is encrypted in transit with TLS and at rest using strong, industry-standard algorithms across our managed infrastructure.

Least-privilege access

Access to systems and data is role-based, granted on a need-to-know basis, and reviewed regularly. Production access is restricted and logged.

Tenant isolation

Customer environments are logically isolated so that one customer’s data and workloads are kept separate from another’s.

Monitoring & response

Infrastructure and applications are continuously monitored. We maintain incident response procedures to detect, contain, and communicate issues.

Secure development

Security is built into our SDLC — code review, dependency scanning, and testing — so risks are addressed before changes reach production.

Resilient infrastructure

The platform runs on reputable cloud infrastructure with backups and recovery practices designed to protect availability and data integrity.

Reporting

Found a security issue? Tell us.

Responsible disclosure

We welcome reports from security researchers and customers. Please share enough detail to reproduce the issue and give us a reasonable window to investigate and remediate before any public disclosure. We do not pursue good-faith research conducted under these terms.

Contact the security team

Report vulnerabilities, ask about our security posture, or request documentation for a vendor review. We aim to acknowledge reports promptly.

security@leanqubit.ai

FAQ

Common questions about security and compliance.

LeanQubit is an early-stage company. We design and operate the platform to align with the principles behind ISO 27001 and SOC 2, and our formal compliance posture matures alongside the company. Contact security@leanqubit.ai for the current status and any documentation you need for a vendor review.

Showing 5 of 5 questions

Next Step

Need security documentation for a vendor review?

Talk to the LeanQubit security team about our controls, data handling, and the assurances your environment requires — and we will provide what your review process needs.

Contact Security Read the Privacy Policy

Initializing Systems...

Trust built intothe platform

DefenseIn Depth

EncryptedIn Transit & At Rest

24/7Monitoring