Best practices: Data security and using Little Green Light

In this article:

• Security overview
• Security protocols that are built into LGL
  • Password re-authentication required when changing your email address
  • A maximum of 5 password resets per day are allowed for any given email address
• Important protocols you can follow to secure your data when using LGL

Security overview

Little Green Light's servers are hosted by industry leaders and are protected by firewalls, and all communications between servers and data centers are encrypted. You can read more about our security here. 

LGL has not experienced any data breaches to date, and we are always working to ensure our security measures are as robust and up to date as possible.

Security protocols that are built into LGL

Password re-authentication required when changing your email address

To decrease the chance of an account takeover through a nefarious actor changing an email address within LGL, there is an additional security layer for any user changing their account email. When a user selects to change their email address in their user profile, they are required to enter their password before the email address can be changed. If two-factor authentication is turned on, it will be triggered at this time.

A maximum of 5 password resets per day are allowed for any given email address

Any email address associated with an LGL user is allowed a maximum of 5 password resets per day. After 5 resets, the account will be locked and you will need to contact your account administrator to unlock it. (Account administrators will have access and will be able to unlock a locked user profile in these cases.) If your administrator is not able to unlock it, you can contact LGL support to ask for it to be unlocked.

Important additional security protocols you can follow to secure your data when using LGL

Most breaches result from individuals' computers or email accounts being compromised, typically by spammers sending deceptive emails or texts that trick the user into clicking a link (which then installs malware on your computer/device, allowing the spammers to access your personal and organization data). For this reason, we strongly recommend that you follow these guidelines to do the most you can to secure your data:

1. Enable and manage 2-step verification by following these instructions
2. Enable alerts for logins to your LGL account from different geographical locations by following these instructions
3. Ensure everyone at your organization is running high-quality, current software
4. Ensure everyone at your organization has malware checkers installed