We are committed to ensuring your secure use of the Liscio platform. Securing your data is foundational to Liscio and leads us to take the following leading-edge security measures:
We use a 256-bit key to encrypt data and files not only in storage but also a second time when data and files are in transit. This level of encryption meets federal government standards.
Whenever you click a link to access an attachment there must be security measures in place to protect the data in those files. We, along with the federal government, use Amazon Web Services Security Token Service to protect the files you access. Here’s how it works:
To access your files you must log in to the Liscio dashboard. Whenever you click a link to access a file, a temporary, unique token generates which grants you access to that file. The token expires after about 15 minutes; Clicking on the link again generates a new, unique token and grants you access to the file. The temporary access granted by the unique token means the identity of users is authenticated, limited, and controlled. The main purpose of this security measure is protecting personally identifiable information, which is at the core of consumer protection and privacy laws.
Liscio is an invite-only platform. This means that you and your customers can only access Liscio through an email invitation. This eliminates the risk of hackers sending spoofs or phishing scams through your primary communication channel.
As of March 2019 Liscio has implemented Multi-Factor Authentication using Google Authenticator, which can be enabled by all users as an additional layer of security. We highly recommend all users (Clients and Firms) set up and enable Multi-Factor Authentication. For further reading please see here and here.