Security and Disaster Recovery Policy
At LARA, we prioritize the security, integrity, and reliability of our platform to ensure uninterrupted service for our clients. Below is a comprehensive outline of our policies regarding backups, disaster recovery, database security, and more.
Backups / Disaster Recovery
  • Backup Frequency: We maintain 14 full backups of each LARA database for at least 3 months:
    • 1 backup per day for the last 7 days.
    • 1 backup per week for the last 4 weeks.
    • 1 backup per month for the last 3 months.
  • Backup Replication: Backups are replicated across at least 3 data centers on different continents to ensure redundancy and disaster resilience.
  • Data Center Locations: The exact locations of our data centers are detailed in our Privacy Policy.
  • Manual Backups: You can download manual backups of your live data anytime via our control panel.
  • Restore Process: Our support team can restore backups upon request, either to your live database or a separate environment.
  • Failover: For services hosted on hardware with potential failure, we implement local hot-standby replication monitored continuously. A manual failover procedure typically takes less than 5 minutes.
  • Disaster Recovery Objectives:
    • Recovery Point Objective (RPO): Maximum data loss is 24 hours in the event of a disaster requiring a full restore.
    • Recovery Time Objective (RTO):
      • Paid subscriptions: Service restoration within 24 hours.
      • Free trials or freemium plans: Restoration within 48 hours.
  • Testing & Monitoring: Daily backups and provisioning scripts are tested during routine operations, ensuring our disaster recovery plans remain effective.
Database Security
  • Dedicated Databases: Each client’s data resides in a dedicated database, ensuring complete data isolation.
  • Access Control: Strict rules ensure no data sharing or unauthorized access between customer databases.
  • Encryption: Customer passwords are securely stored using PBKDF2+SHA512 encryption (salted and stretched for thousands of rounds).
  • HTTPS Security: Login credentials and data are always transmitted over secure HTTPS connections.
Password Security
  • Password Protection: Passwords are encrypted with industry-standard algorithms, ensuring they are never stored in plain text.
  • Lost Passwords: Our team cannot retrieve your password. The only option for recovery is a password reset.
  • Custom Settings: Administrators can configure rate limiting and cooldowns for repeated failed login attempts.
Staff Access
  • Controlled Access: LARA support staff may access your account settings to resolve technical issues. Access is limited to their credentials, not your password.
  • Privacy Respect: Our staff adheres to strict policies to respect your privacy, only accessing what is necessary to resolve your issue.
  • Audit Trails: Staff actions are logged for transparency and security auditing.
System Security
  • Hardened Infrastructure: All LARA servers run on secure, patched Linux distributions.
  • Controlled Access: Only a select group of trusted engineers have clearance to manage servers via encrypted personal SSH keys on devices with full-disk encryption.
  • Minimal Installations: Servers are configured with only the essential software to minimize vulnerabilities.
Physical Security
Our servers are hosted in trusted data centers worldwide, adhering to the following standards:
  • Restricted perimeter access, authorized employees only.
  • Biometric and badge-based physical access controls.
  • 24/7 monitoring with security cameras.
  • On-site security personnel 24/7.
Credit Card Safety
  • No Local Storage: Credit card information is never stored on our systems.
  • Secure Payment Processing: All transactions are securely transmitted directly between you and our PCI-compliant payment providers.
Data Encryption
  • Encryption in Transit and At Rest: All customer data is encrypted using state-of-the-art standards (e.g., AES-256).
  • SSL Certificates: Communications are protected with 256-bit SSL encryption, ensuring Grade A ratings at all times.
  • Internal Encryption: All internal communications between servers are encrypted (e.g., SSH).
Network Defense
  • DDoS Protection: Our data center providers have robust defenses against Distributed Denial of Service (DDoS) attacks, ensuring uninterrupted service.
  • Firewalls: LARA employs firewalls and intrusion detection systems to block malicious attempts, including brute-force login attacks.
Software Security
  • Continuous Monitoring: LARA’s codebase is regularly reviewed and updated to prevent vulnerabilities.
  • Prevention by Design:
    • SQL injections are prevented via ORM frameworks.
    • XSS attacks are mitigated using automated input sanitization.
    • CSRF tokens are implemented to protect against unauthorized POST requests.
  • Secure Access Control: Every request passes through robust access validation layers, ensuring unauthorized actions are blocked.
Reporting Security Vulnerabilities
We encourage clients and security researchers to report any vulnerabilities. Please contact our Security Team at Contact Page for prompt action.
Independent Security Audits
LARA undergoes regular audits by third-party security experts to ensure the highest security standards. While audit results are confidential, we continuously improve based on their recommendations.