Trust and Security

About the Lucidworks security program.

Lucidworks has a formal cybersecurity program managed by our Security & Compliance team that encompasses stakeholders across all Lucidworks departments.

Our security program is designed to safeguard the confidentiality, integrity, availability, and privacy of our information systems and the data we store and process.

We use SOC 2 Trust Services Criteria for Security, Availability, and Confidentiality and ISO 27001 to structure our security program. These respected frameworks help ensure that we implement comprehensive security measures, such as access control, infrastructure and application defenses, and risk management. They also map to other control catalogs, like those published by NIST and CIS.

In the context of data privacy, our customers control the type of information their product instance processes and are considered data controllers. For our standard policies around personal data, including our obligations as a data processor, refer to Lucidworks Legal Agreements.

Current and prospective customers can access our SOC 2 Type 2 report, ISO 27001:2022 certificate, and other relevant documentation via the Lucidworks Trust Center.