Security · Last updated 14 May 2026

Security, practically.

You're putting your delivery plans, your people's names, and your contractor spend into Lighthouse. The least we owe you is a straight answer about how it's protected. No theatrics, no buzzwords — what we actually do.

Encrypted, always

TLS 1.3 in transit. AES-256 at rest. Keys managed in AWS KMS — Lighthouse engineers can’t see your data without a per-incident audited break-glass.

Isolated by org, every row

Every table is row-level-security-scoped to your organisation. Even if a query forgets a WHERE clause, Postgres refuses to return data from another customer.

Auth that adults use

Email + password with bcrypt. Microsoft / Google OAuth. SSO integration (identity provider of choice) is available as a negotiated scope on Enterprise contracts. Sessions expire on idle.

Audit log, on by default

Every mutation is logged — who changed what, when, from where. 90-day retention on Team tier. Unlimited on Enterprise. Streamable to your SIEM on request.

Hosted in your region

Primary: Sydney, Australia (Supabase + Vercel ap-southeast-2). EU data residency on Enterprise. No data leaves your region without explicit setting.

AI without the AI risk

Lighty runs on Anthropic Claude with zero-retention API. Your data is never used to train AI — yours, Anthropic’s, or anyone else’s. Period.

Compliance posture

We're a young company. We're honest about that. Here's where we are right now and where we're going:

  • Today: Internal security policies, encrypted everything, daily backups, Sentry monitoring, principle-of- least-privilege access controls.
  • Q3 FY26: SOC 2 Type I audit in progress.
  • Q1 FY27: SOC 2 Type II target.
  • On request: Pen-test reports, security questionnaire responses, DPA / MSA review for Enterprise deals.

Operational practice

  • Production access goes through audited break-glass — no routine human access to customer data.
  • Every deploy runs an automated security check (CodeQL + dependency scan + secret scan). Failed checks block the deploy.
  • Daily off-site Postgres backups, 30-day retention. Restore tested monthly.
  • Incident playbook: detection → containment → customer notification within 72 hours per GDPR / NDB scheme.
  • Status & incident history: status.lighthouse.delivery

Responsible disclosure

Found a vulnerability? Tell us at security@lighthouse.delivery. First responses within one business day, fixes triaged by severity. We'll credit you publicly if you want — no bounty programme yet, but we'll send you a thank-you and swag for the good ones.

Need the long-form answer?

Enterprise procurement teams: we have a security questionnaire already prepared (CAIQ-Lite), a DPA, and engineering on call for vendor-review calls. Email security@lighthouse.delivery or start at /contact.