Security & Compliance

Our Compliance Journey

We are committed to achieving the highest standards of security and compliance. Here is where we are on that journey.

Last updated: December 12, 2025

SOC 2 Type II

In Progress
Audit in progress

ISO 27001

Coming Soon
Preparation started

Our Commitment to Security

LOCKIA LLC ("Company") is building our Mobile Device Management (MDM) platform with security-first principles. We are actively working toward industry-recognized certifications to demonstrate our commitment to protecting your data.

Certifications & Standards

Our progress toward industry-recognized certifications

SOC 2 Type II

In Progress

We are currently undergoing SOC 2 Type II certification. This audit evaluates our controls for security, availability, and confidentiality.

ISO 27001

Coming Soon

We are preparing for ISO 27001 certification, the international standard for information security management systems.

Data Security

How we protect your data today

  • All data encrypted at rest using AES-256 encryption
  • TLS 1.3 encryption for all data in transit
  • Hardware-anchored security through Lockia Cipher Protocol
  • Multi-factor authentication (MFA) available for administrative access
  • Role-based access control (RBAC) implementation

Infrastructure Security

Our cloud infrastructure practices

  • Hosted on enterprise-grade cloud infrastructure
  • Geographic redundancy across multiple data centers
  • Automated backup and disaster recovery procedures
  • Network segmentation and firewall protection
  • DDoS protection and monitoring systems

Vendor Management

How we manage third-party relationships

  • Security assessment of third-party vendors
  • Limited data sharing with vendors on a need-to-know basis
  • Regular review of vendor security practices

Data Handling Practices

Data Retention

Customer data is retained for the duration of the subscription plus 30 days for data export. After this period, data is securely deleted.

Data Deletion

Upon account termination or customer request, we securely delete all customer data within 30 days.

Data Location

Customer data is primarily stored in the United States.

Data Access

Access to customer data is limited to authorized personnel on a need-to-know basis.

Incident Response

In the event of a security incident affecting customer data, we commit to:

  • Notifying affected customers promptly
  • Providing information about the nature and scope of the incident
  • Documenting remediation steps taken
  • Offering support for affected customers

Security Inquiries

For security-related questions or to learn more about our compliance progress, please contact us.

security@lockia.io

AI Assistant Available