Skip to content

A software solution you can trust

We believe protecting your data with the best security features is vital to the Lexop experience. We are committed to ensuring up-to-date security measures are always in place so our customers can have peace of mind.

Lexop | Best security features

Market-leading security


What is SOC2 compliance?

Service Organization Controls (SOC)
for Service Organizations are internal control reports performed by an independent third-party auditor that demonstrate key IT controls are aligned, designed, and applied effectively to its control objectives.

They are based on the American Institute of Certified Public Accountants' (AICPA) existing Trust Services Criteria (TSC) that outline five trust service principles of security, availability, processing integrity, confidentiality, and privacy of customer data as a framework for safeguarding data.

SOC 2 defines the criteria required to maintain robust information security, ensuring we adopt processes relevant to our objectives and operations.

What does Lexop's SOC 2 compliance mean in practice?

1.   We regularly monitor for malicious or unexplained activity, document system configuration changes, and check user access levels.

2.   We have the infrastructure to recognize threats and alert the appropriate parties so they may take necessary action to protect data and systems from unauthorized access or use.

3.   The relevant information on all security incidents is readily available to evaluate the scope, remediate as necessary, and restore data and process integrity.


Operations and features

Asset 21-1


  • Service hosted by PCI-DSS and SOC2 compliant providers (Azure)
  • Automated software scanning and vulnerability remediation for any deployed code
  • Regular pen-testing and industry-leading security auditing


Asset 20-1


  • In-transit 256-bit HTTPS encryption
  • Automated traffic safeguards and monitoring
  • Content security policies to restrict any malicious scripting

Asset 19-1


  • Data stored in highly-secured environments
  • At-rest AES-256 encryption
  • No access to sensitive payment and user information



Asset 18-1


  • SOC2 incident response plan with a dedicated security team
  • Highly available and tolerant to outages



Asset 6

End users

Our privacy policy underlines how we use and protect your personal data. Check out our privacy policy in full here.

Want to know more about how you will be protected?