• Services
    • For Tenants
    • For Brokers
    • Lease Accounting
    • Lease Abstraction
  • Plans
  • Resources
    • Blog
    • Customer Stories
    • FAQs
  • Company
    • About
    • Customers
    • Partners
    • Press
    • Contact Us
  • Request Demo
  • Login
  • Services

    For Tenants

    Protect your profits: Keep track of rent increases, renewals, and critical lease clauses.

    For Brokers

    Win more business: Clients are in the loop from site selection through LOI and lease signing.

    Lease Accounting

    Everything you need to meet and maintain ASC 842 compliance.

    Lease Abstraction

    Fanatically dedicated pros who sharpened their skills at Fortune 500 companies, SMEs, and government agencies

  • Plans
  • Resources

    Blog

    Discover the latest Leasecake product and company news.

    Customer Stories

    Discover why the franchise industry, multi-location corporate tenants, private-equity holding companies, and brokers rely on Leasecake.

    FAQs

    Frequently Asked Questions

    Webinar

    View our webinars

  • Company

    About

    What we believe, how it all began, and our fab team of cake-makers.

    Customers

    A sampling of the tenants, brokers, and landlords using Leasecake. 

    Careers

    Help us make lease management a piece of cake.

    Partners

    A global community
    of powerful partners.

    Press

    Leasecake in the News.

    Contact

    Let us know what’s
    on your mind!

Learn More
Login
Leasecake Logo
  • Services

    For Tenants

    Protect your profits: Keep track of rent increases, renewals, and critical lease clauses.

    For Brokers

    Win more business: Clients are in the loop from site selection through LOI and lease signing.

    Lease Accounting

    Everything you need to meet and maintain ASC 842 compliance.

    Lease Abstraction

    Fanatically dedicated pros who sharpened their skills at Fortune 500 companies, SMEs, and government agencies

  • Plans
  • Resources

    Blog

    Discover the latest Leasecake product and company news.

    Customer Stories

    Discover why the franchise industry, multi-location corporate tenants, private-equity holding companies, and brokers rely on Leasecake.

    FAQs

    Frequently Asked Questions

    Webinar

    View our webinars

  • Company

    About

    What we believe, how it all began, and our fab team of cake-makers.

    Customers

    A sampling of the tenants, brokers, and landlords using Leasecake. 

    Careers

    Help us make lease management a piece of cake.

    Partners

    A global community
    of powerful partners.

    Press

    Leasecake in the News.

    Contact

    Let us know what’s
    on your mind!

Learn More
Login

Security Overview

Keeping Your Data Secured

Overview

Leasecake provides a cloud-based SaaS platform to house, organize, and secure your lease and location information. We respect your privacy and take significant efforts to protect all your data.

Keeping our customers’ data secure is the most important thing that Leasecake does. We go to considerable lengths to ensure that all data sent to Leasecake is handled securely – keeping Leasecake secure is fundamental to our business.

Infrastructure

Highlights

  • All of our services and data are hosted in the cloud by Google Cloud Provider (GCP) facilities in the USA. Google provides an extensive list of compliance and regulatory assurances, see their US Compliance page for more information.
  • Our infrastructure is spread across multiple data centers to protect against failures.
  • Leasecake performs nightly backups of data from hot standby to backup customer data.
  • All data is encrypted at rest and in transit.

Service Levels

We maintain an uptime of 99.95% or higher.
Our infrastructure is hosted by Google and they are bound by a 99.95% uptime SLA.

Data

All customer data is stored in the USA in multi-tenant datastores. We do not have individual datastores for each customer. We maintain strict privacy controls in our application code to ensure data privacy and to prevent one customer from accessing another customer’s data.

We have automated testing in place to ensure these controls work as expected. Additionally, we have an independent penetration test performed yearly that includes testing these controls.

Data Transfer

All data sent to or from Leasecake is encrypted in transit using 256-bit encryption.

Authentication

Leasecake is served 100% over HTTPS.
We have two-factor authentication (2FA) and strong password policies for Google to ensure access to third-party cloud services are protected.

Personnel

  • All employees complete Security and Awareness training annually.
  • Leasecake has developed a comprehensive set of security policies covering a range of topics. These policies are updated frequently and shared with all employees.
  • All employee contracts include a confidentiality agreement.
  • Leasecake has plans to perform background checks on all new employees in accordance with local laws starting no later than January of 2022. The background check includes employment verification and criminal checks for US-based employees.

Application Monitoring

  • On an application level, we monitor the backend framework via Scout APM
  • All-access to Leasecake applications is logged and audited.
  • We maintain a formal incident response plan for major events.

Security Audits

We perform an annual OWASP Application Security Verification Standard self certification. Any item that doesn’t pass must go through a remediation process. 

We perform an annual independent penetration test. Any critical item found must be remediatiated immediately and all non-critical items must go through remediation. Post remediation we have a follow up penetration test to ensure we pass without any failures. We will perform additional penetration tests as needed when major updates are made to
the application or infrastructure.

Security Policies and Secure Development (SDLC)

We maintain security policies that are communicated and approved by management to ensure everyone knows their security responsibilities. Our policies are audited annually.

Software development is done through a documented SDLC process. Senior engineers conduct mandatory code reviews for code changes and periodic in-depth security review of architecture and sensitive code. We operate separate environments for development, QA, staging and production.

Annually our engineers participate in secure code training covering OWASP Top 10 security flaws, common attack vectors, and other security controls.

Vulnerability Disclosure

Earning and keeping the trust of our customers is our top priority, so we hold ourselves to the highest privacy and security standards. If you have discovered a security or privacy issue that you believe we should know about, we would love to hear from you.

Please reach out to us at [email protected]

Linkedin Facebook-f Vimeo-v
Leasecake

Plans
For Tenants
For Brokers
Lease Accounting
Lease Abstraction

Frosting

About
Customers
Careers
Partners

Learn

FAQ
Press
Customer Stories
Blog
Contact

Subscribe to Our Newsletter

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Copyright © 2022 Leasecake® Inc. All rights reserved. Patent pending.
Cookie Policy
Privacy Policy
Security Overview
Terms of Service
Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}