Skip to main content

Data Migration Security and Sanitization

An important part of transitioning to a new Customer Identity Management platform is ensuring the handling and delivery of your user data is executed efficiently and securely to fully mitigate any risk that is inherently present when accessing or moving sensitive user details.

Data Migration Security

To eliminate any exposure during this sensitive transition of user data, LoginRadius has developed specific protocols and tools to migrate your user data into the LoginRadius platform. This document goes into detail regarding the mechanisms and protocols that we have in place to ensure the safe, secure, successful migration of your user data.

  • In-Transit Data Security: The data transfer process has the following security during the in-transit data request:

  • Secure HTTPS Tunnel via server-to-server process: The communications are handled via a server-to-server transaction over HTTPS, meaning that the transfer of data is entirely secure.

  • SFTP Delivery of Resources: Any delivery of files or resources is handled over SSH via our secure SFTP. The SFTP service is a write-only, dedicated instance that allows you to securely pass details or files to the data migration team.

  • IP/Domain Whitelisting: Ability to submit data to LoginRadius, either via SFTP or Migration Software, is restricted to predefined IPs/domains.

  • Authorization Security: The data migration process has built-in authorization and user credentials security:

  • Secure Credentials Storage: Any access credentials provided for testing or migration purposes are securely stored in an encrypted key vault and only leveraged by the Migration Software when required.

  • One-way password hashing: LoginRadius only accepts one-way hashed passwords, meaning that it is impossible to decrypt and therefore impossible for anyone (even the LoginRadius team) to see your users' passwords. We support the latest security algorithms and can assist in upgrading your existing passwords to the most secure algorithm if your current algorithm is outdated.

  • Infrastructure Security: The LoginRadius infrastructure security is built-into the data migration process:

  • System-wide Security protocols: We use our standard security policies and practices to make sure that we are compliant with security standards. All SFTP servers, data file storage, etc., are behind the firewall and protected in LoginRadius Infrastructure. Full details on the system infrastructure security can be found here.

  • Data Preservation: All data is maintained in the transit storage temporarily. Once the data migration process is complete, data is disposed of based on industry standard data governance procedures for deletion of records.

Data Migration Sanitization

All data transferred into the LoginRadius system undergoes a complete data sanitization process. This process guarantees the data you are transferring is normalized into the LoginRadius format, contains only valid records, and any preprocessing of data is applied.

Data Sanitization covers the following cases by default:

  • Data De-duplication: The data migration process checks for duplicate data points during migration and allows for customizable rectification of duplicate data.
  • Type Checking: All fields are verified and converted to the correct format.
  • Required Field Verification: Any fields deemed necessary for the migration are checked for inclusion.
  • Data Normalization: Data is transformed into the LoginRadius Normalized User Profile Format.

The data migration sanitization process includes customizable flows to handle additional data sanitization based on your requirements, such as:

  • Field level preprocessing: Modify or supplement field data based on your requirements.
  • Custom field or Custom object normalization: Full support for all LoginRadius data storage options.
  • Data merging from multiple origins: The migration sanitizers handle merging and unifying discrepant data sources into a single unified user account record.