Security
Here’s how we protect your notes, videos, and markers, in plain terms. If something isn’t covered, email us at support@lapinsight.com.
While your data is moving
Everything you send to and from LapInsight travels over an encrypted HTTPS connection. That’s the same lock-icon technology your bank uses. While your data is in transit, nobody on your network or anywhere in between can read it.
While your data is stored
Your data lives on established, managed cloud infrastructure that holds independent security certifications such as SOC 2. It’s encrypted on disk by default, so if someone physically pulled a drive out of a data center, they couldn’t read what was on it.
Only you can reach your data
Every note, video, and marker is tied to your account, and we check ownership on every single request. Your account can’t reach anyone else’s data, and theirs can’t reach yours.
Your notes are cleaned
When you save a note, we clean its contents so nothing harmful, like a hidden script, can be stored and run later. Any images in a note have to come from our own secure CDN, never from some random outside website.
Your videos aren’t publicly browsable
There’s no public list of your videos and no guessable web address, so a video can’t be found by searching or by typing in a URL. The only way to reach one is through a share link you create yourself, and you stay in control of it: you can set it to expire, or revoke it, whenever you want.
The video itself is always delivered through short-lived signed tokens rather than a permanent public file. That means the underlying video can’t be hot-linked, scraped, or rehosted.
Two kinds of share link
When you share a video or a report, you pick one of two link types. The same choice applies to both, with the same trade-off.
Restrictedis the most private. Only the people you name can open it, and they have to confirm it’s really them first. If the link leaks, it’s useless to anyone else.
Unlistedis the convenient one. Anyone with the link can open it without an account, much like an unlisted YouTube video. It still won’t show up in search and can’t be guessed, but think of the link itself as a key: whoever you send it to, or whoever they pass it along to, can view it until it expires or you revoke it.
Sensitive secrets get extra protection
The most sensitive things, like your two-factor-authentication key, get an extra layer on top. We encrypt them with a separate key that the database itself never sees, so even our own database can’t reveal them. Passwords are never stored in a readable form at all; we keep only a one-way hash of them.
How encryption works here
LapInsight is not end-to-end encrypted, and here’s the plain reason why. The cloud is the main home for your videos, notes, and markers, and it has to be able to process them to do the things you came here for, like playback, sharing, and search. End-to-end encryption would make your data unreadable to us, but it would also make those features impossible.
So instead, we protect your data with the layers described above: encryption on the way in and out, encryption at rest, links that are signed and expire, extra encryption for your most sensitive secrets, and strict separation between accounts so no other user, including a rival team, can reach your data. We can access your content to run the service, and we never pretend otherwise. What we won’t do is sell your data, or use your videos and notes to train AI or to target ads.