Ledidi

Product
Study Design Data Capture Statistical Analysis & Data Visualisation Collaboration
Use Cases Pricing Resources About Us Contact Us Log In
Back to Trust Centre

Data security

Ledidi Core adheres to industry standards for encryption, multi-factor authentication, logging, VPN, backup, data recovery and prevention of attacks.

Ledidi uses a layered security architecture for defence-in-depth with state-of-the-art technologies combined with operational security to provide optimal data protection. 

The platform is built on the secure global infrastructure of AWS, and the data is protected end-to-end with encryption of data in transit and at rest in combination with confidential computing to protect data in use. Industry standards are used for encryption, multi-factor authentication, logging, network configuration, backup, data recovery and prevention of attacks.

Secure Architecture: Key Facts

  • End-to-end Encryption with Confidential Computing

    All user data in Ledidi Core is protected end-to-end with encryption of data in transit and at rest in combination with confidential computing, which protects data during processing. Ledidi uses the AWS Nitro technology for confidential computing. This ensures that the data processing is performed in a hardware-based, attested Trusted Execution Environment (TEE), which prevents all unauthorised access or modification of code and data while in use. Confidential computing is recognised as “State-of-the-art” technology in GDPR terms by the European Union Agency for Cybersecurity (ENISA).

  • Secure Network Configuration

    The components of the solutions are established and run on a separate logical network in AWS (Virtual Private Cloud), and all components are protected by configuration of AWS security groups constituting virtual firewalls. These are used on multiple levels, i.e. to restrict the number of components that need to be in the same network zones to only the ones that are required to be in that specific zone. AWS WAF is used to provide additional protection against web attacks for those resources that have to be exposed on public networks, like the APIs.

  • Data Storage Location

    All data is by default stored, processed and backed up in AWS data centres within the European Union.

  • Backup and Data Recovery

    All data is backed up at regular intervals. The platform has built-in restore capabilities, which includes the possibility to rebuild in a separate cloud environment to ensure data availability and recovery.