Security and privacy at LBC

Security is our top priority — designed from the ground up for enterprises, we recognize that a solution without a robust security foundation is simply not an option.

Security and
Compliance at LBC

LBC maintains a SOC 2 Type II attestation. Our SOC 2 Type II report is available on our Trust Center.

Your Data is Secure

The Last Business Card prioritizes security at every level. We are committed to the highest standards of data protection, maintaining enterprise-grade security and compliance practices. Our security, privacy, and compliance controls are continuously monitored with Vanta, ensuring ongoing compliance with industry standards.


We hold our team and software development processes to rigorous security standards. All employees complete annual security training to stay up to date on best practices for handling sensitive information. Additionally, we conduct regular network and application penetration testing to provide our customers with confidence that their data remains secure.

Product security

Vulnerability scanning, Penetration testing and Dependency Analysis
The Last Business Card performs vulnerability scanning at key stages of our Secure Development Lifecycle (SDLC):
Static analysis (SAST) testing of code on any commit and on an ongoing basis
Software composition analysis (SCA) to identify known vulnerabilities in our software supply chain
Constant malicious dependency scanning to prevent the external suspicious activity in our software supply chain
Dynamic analysis (DAST) of running applications
Network vulnerability scanning on a periodic basis
External attack surface management (EASM) continuously running to discover new external-facing assets
Quarterly penetration tests are performed on our products

Enterprise security

Endpoint protection

All corporate devices at The Last Business Card are centrally managed and secured with mobile device management (MDM) software and anti-malware protection. Our endpoint security is monitored 24/7/365 to ensure continuous protection.

We enforce strict security configurations, including disk encryption, screen lock policies, and regular software updates, to maintain a secure and compliant environment.

Identity and access management

The Last Business Card uses Entra ID and OIDC to secure identity and access management. We enforce multi-factor authentication to protect against unauthorized access and enhance security.

Access to applications is granted based on role, ensuring employees have only the permissions necessary for their responsibilities. Upon termination, access is automatically revoked, and any additional access requests must be approved according to predefined security policies.

Security education

The Last Business Card ensures all employees receive comprehensive security training during onboarding and annually. New employees also participate in a mandatory live session covering key security principles, while new engineers attend an additional session focused on secure coding practices.

Vendor security

LBC assigns an inherent risk rating to vendors based on their security measures, ensuring that those handling sensitive data or integrating with critical systems meet our security and compliance standards. The assessment considers the following factors:

Access to customer and corporate data
Integration with production environments
Implemented security controls
Adherence to industry best practices

Vendors with elevated risk profiles may be required to implement additional safeguards or undergo periodic reviews. LBC continuously monitors vendor security postures to mitigate evolving threats and maintain our commitment to data protection and operational integrity.

Businesses & TeamsIndividualsBlog
Contact UsPrivacy PolicyTerms of use
Security & PrivacySecurity ReportUptime Report
Copyright © 2024 The Last Business Card, LLC. All rights reserved