Safer data
by design

The best of modern ideas paired with trusted technologies.

From our inception, Abett chose the best of modern ideas in data management and paired them with mature, trusted technologies, and designed Lockbox™ with security as a first principle.

Abett is certified with SOC2 Type 2 and ISO 27001:2022

Strong security design is our first principle.

Architecture Overview
We are cloud-native, built on the Microsoft Azure and Amazon Web Services cloud platforms. Our platform incorporates design ideas from big data and the modern data stack, allowing us to ingest and process terabytes of data in hours and keep all that data online at all times. The Lockbox was built, from the start, to be a secure storage system. It incorporates modern security principles like least privilege, separation of duties, defense in depth, minimization of attack surface area, and redundancy and security by design.

Data AccessEmployee access to data is granted only with a valid business need, and Just-In-Time permission grants are employed using native AWS or Azure tooling. All employer data is encrypted from the moment it reaches Lockbox with customer specific encryption keys that are stored in a HSM. All actions related to client data are logged. No data is shared with vendors without client approval.

Data SecurityLockbox uses encrypted communication channels and encrypts all data using customer-specific keys. Data at rest is encrypted. It is isolated per customer. We require multi-factor authentication, record and audit all access, while employing fine-grained access controls to enforce least privilege principles.

Industry standards and certificationsLockbox complies with HIPAA regulations, the NIST Cybersecurity Framework, and leading data security and privacy best practices, including encryption of all Lockbox content with customer-specific encryption keys and audit logging of all access to PHI. We maintain a SOC 2 Type 2 certification for the Security, Confidentiality and Availability principles.  Abett, Inc. maintains ISO 27001:2022 certification issued by Marcum RAS for Lockbox services and undergoes annual re-audits to maintain it.

Lockbox Security Features

From consolidating your data to providing secure access and sharing, Lockbox revolutionizes how you use data to tackle the challenges defined by you instead of by others.

Real-Time
Data Streamer
captures and processes data instantaneously, providing employers with timely, relevant insights that are actionable and based on the most current information available
Data Element
Tracker
monitors and records every interaction a user has with data within the system. This provides robust measures to prevent unauthorized access or alterations — ensuring data integrity and compliance
Selective
Data Filter
empowers employers to share data with vendors selectively, ensuring that only necessary information is communicated and safeguarding against the oversharing sensitive data
Universal Personal Identificationan anonymous identifier that links relevant health data to an individual, creating a comprehensive, private health data profile

Industry Certifications

Abett’s security and privacy programs are led by industry veterans with decades of experience. To learn more about our approach to security or to receive a copy of our certification documents, email Wendy Knox-Everette, CISO

See what Lockbox can do for you.

Book a call and learn why Fortune 500 companies rely on Lockbox to solve their unique benefits challenges.