Leja Leja
Enterprise Security

Your data security is
our top priority

We implement industry-leading security measures to protect your business data. Built on enterprise-grade infrastructure with compliance at its core.

TLS 1.3
Encrypted in Transit
AES-256
Encrypted at Rest
Azure
Southeast Asia Region
PDPA
Malaysia Compliant
Security Overview

Built with security in mind

We take a defense-in-depth approach to protecting your data across all layers of our platform.

Security isn't an afterthought at Leja. From the moment you sign up, your data is protected by multiple layers of enterprise-grade security controls.

  • End-to-end encryption

    All data is encrypted both in transit and at rest using industry-standard protocols.

  • Regular security audits

    Our systems undergo regular penetration testing and vulnerability assessments.

  • 24/7 monitoring

    Our security team monitors for threats and anomalies around the clock.

99.9% Uptime

Enterprise-grade reliability for your business operations

Data Protection

Military-grade encryption

Your data is protected with the same encryption standards used by banks and government agencies.

In Transit

All data transmitted between your browser and our servers is protected by TLS 1.3, the latest and most secure transport layer protocol.

  • TLS 1.3 encryption
  • HTTPS everywhere
  • Perfect forward secrecy
  • HSTS enabled

At Rest

All stored data is encrypted using AES-256, the gold standard for data-at-rest encryption used by financial institutions worldwide.

  • AES-256 encryption
  • Encrypted backups
  • Key management via Azure
  • Secure key rotation
Infrastructure

Enterprise cloud infrastructure

Hosted on Microsoft Azure with data residency in Southeast Asia for optimal performance and compliance.

Microsoft Azure

Microsoft Azure

Southeast Asia Region

SOC 2
Type II Certified
ISO 27001
Certified
GDPR
Compliant
99.99%
SLA Uptime

Why Azure?

Data Residency

Your data is stored in Microsoft Azure's Southeast Asia data center in Singapore, ensuring low latency and compliance with regional data protection requirements.

Physical Security

Azure data centers feature 24/7 security, biometric access controls, video surveillance, and multiple layers of physical security barriers.

Redundancy

Data is automatically replicated across multiple availability zones for high availability and disaster recovery.

Regular Backups

Automated daily backups with point-in-time recovery capability up to 35 days.

Access Controls

Secure access management

Control who can access what with granular role-based permissions and multi-factor authentication.

Role-Based Access

Define custom roles with specific permissions. From Employee to CEO, control exactly what each user can see and do.

Multi-Factor Auth

Add an extra layer of security with MFA support. Works with authenticator apps for secure login verification.

Session Management

Automatic session timeout, device tracking, and the ability to remotely log out from all devices.

Compliance

Built for Malaysian regulations

Full compliance with Malaysian statutory requirements and data protection laws.

PDPA Malaysia

Fully compliant with the Personal Data Protection Act 2010. We implement all seven data protection principles:

  • General Principle (consent)
  • Notice and Choice Principle
  • Disclosure Principle
  • Security Principle
  • Retention Principle
  • Data Integrity Principle
  • Access Principle

Statutory Compliance

Built-in compliance features for Malaysian business requirements:

  • LHDN: e-Invoice (MyInvois) integration
  • EPF: Monthly contribution calculations
  • SOCSO: Employment injury scheme
  • EIS: Employment insurance system
  • PCB: Monthly tax deduction
  • EA Form: Annual tax statement generation
Security Practices

Continuous security improvement

Our security team works around the clock to identify and address potential threats.

Penetration Testing

Regular security assessments by independent third-party firms to identify vulnerabilities.

Vulnerability Scanning

Automated daily scans to detect and patch security vulnerabilities promptly.

Security Training

All team members undergo regular security awareness training and certification.

Secure Development

Code reviews, static analysis, and security testing are part of our development process.

Incident Response

In the unlikely event of a security incident, we have a comprehensive response plan to minimize impact and keep you informed.

1
Detection & Analysis

24/7 monitoring with automated threat detection

2
Containment

Immediate isolation of affected systems

3
Notification

Affected users notified within 24 hours

4
Recovery & Review

Full restoration and post-incident analysis

Response Commitments

Initial Response 1 hour
User Notification 24 hours
Full Report 72 hours

Report a Vulnerability

Found a security issue? We appreciate responsible disclosure. Contact our security team.

security@leja.my
An unhandled error has occurred. Reload X

Rejoining the server...

Rejoin failed... trying again in <span id="components-seconds-to-next-attempt"></span> seconds.

Failed to rejoin.
Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session.
Please reload the page.