Security and compliance

This section covers the security measures, data protection policies, and compliance standards that apply to your Lobster Cloud environment. Lobster operates a comprehensive security framework that combines AWS infrastructure security, application-level protection, continuous monitoring, and strict organizational policies.

Every customer environment is fully isolated within its own dedicated AWS Virtual Private Cloud (VPC). All data is encrypted at rest and in transit. Lobster holds ISO 27001:2022, ISO 27018, and ISO 9001 certifications and operates in full compliance with GDPR and the Swiss Federal Act on Data Protection (FADP).

The following pages in this section cover each security topic in detail:

| Page | Description |
| --- | --- |
| Security Overview | Summary of the complete security model, including infrastructure protection, monitoring, incident response, and binding security policies. |
| Data Protection and Privacy | Data hosting locations, data sovereignty, customer data handling principles, data subject rights, and data deletion procedures. |
| Access and Permissions | The access model for your Lobster Cloud system, internal Lobster team access controls, and binding access policies. |
| Third-Party Software Policy | Policy on external software, custom scripting, and the reasoning behind the standardized environment approach. |