Lumiant Client Portal

To all our valued clients, 

As  you may be aware, we have recently rolled out our new Lumiant Client Portal. We are writing to assure you that the Lumiant Client Portal is a secure digital storage solution for your sensitive personal and financial information. 

Following an extensive cybersecurity review, we have rolled out this portal to our clients as part of our commitment to enhancing client data exchange, engagement, and security.

Here is a list of the key considerations to help you understand the safety and security of your sensitive information:

1. Cloud Storage Provider: Lumiant uses Amazon Web Services as their cloud storage provider, a highly reputable service known for its reliability and security. 
   
   A cloud storage provider is a company that offers remote data storage and management services over the internet.
   
   
2. Data sovereignty: Your data is only stored in regions where Lumiant operates: Australia and the United States. These regions are completely independent, and all data sourced, created and accessed in one is inaccessible from the other.
   
   This means that Australian data is not impacted by the effects of a US based cyber attack.
   
   
3. Encryption: Your data is encrypted using Lumiant’s private key while stored. It is only decrypted when accessed by authorised users for viewing or editing. Afterward, it is automatically re-encrypted for added security.
   
   Encryption is the process of converting and locking data into a code that can only be unlocked and understood by authorised parties, ensuring that it remains confidential and secure from unauthorised access.
   
   
4. Secure Data Transfer: Similar to Microsoft Outlook, data transferred to and from users is encrypted using industry-standard protocols such as SSL and TLS v1.2, safeguarding it from interception during transit.
   
   SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are encryption protocols intended to keep data secure when being transferred over the internet. TLS v1.2 is an updated and more secure version, incorporating stronger cryptographic algorithms, enhanced security mechanisms, and better protection against known vulnerabilities
   
   
5. Activity Monitoring: Lumiant continuously monitors and logs all activities within the portal. These log files are anonymised to remove any personal identification and analysed outside the region for further scrutiny and examination.

6. Least Privileged Access: Lumiant adopts the principle of least privilege, ensuring that users and applications only have access to the data necessary for their tasks. This approach enhances security by limiting potential points of vulnerability.
   

7. Penetration Testing: In addition to Lumiant’s local penetration tests, Lumiant also conducts regular assessments to identify and address potential vulnerabilities. This proactive approach is separate from, but complements the monitoring efforts of our cloud provider, Amazon Web Services.
   
   Penetration testing is a security assessment process where trained cybersecurity professionals simulate real-world attacks on a computer system, network, or application to identify vulnerabilities that could be exploited by malicious hackers. 
   

8. Compliance Measures: Lumiant adheres to relevant legislation such as the Patriot Act and the Australia-US Cloud Act to ensure legal compliance and protect your data.
   
   Both the Patriot Act and the Australia-US Cloud Act are designed to combat terrorism and aid law enforcement. The Patriot Act grants US authorities access to cloud data without user notification, while the Australia-US Cloud Act facilitates cross-border data access between the two countries for law enforcement purposes.

We find comfort in knowing that all stored data is consistently encrypted, and Lumiant implements a strict hierarchy of access controls to safeguard your information.

For further details on our security measures, please refer to the following resources:

• Legal and Compliance
• FAQs: Your Banking Data & Security

If you have any questions or concerns regarding the security of the Lumiant Client Portal, please don’t hesitate to reach out to us. Your trust and peace of mind are of utmost importance to us.

Sincerely,

Joe and the team at Stephan Independent Advisory