Backup Assurance
Daily backups, encrypted both in transit and at rest, are diligently executed and routinely tested. Backups are securely stored “off-site” in Amazon S3 across multiple highly available physical devices.
Recovery Strategies
Annual reviews of Business Impact Analysis (BIA) and Business Continuity Plan (BCP) ensure well-defined Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs).
Incident Management & Responses
A 6-step incident response approach guides our consistent responses: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned. We put an emphasis on blameless post-mortem analysis for continual improvement.
Secure Data Centers
Hosted in the United States, our customer center resides in AWS’s us-east-1 region across multiple availability zones (a through f).
Continuous Infrastructure & Network Security Monitoring
A 24/7/365 Security Operations Center (SOC) ensures continuous monitoring for vulnerabilities. Network controls are maintained through a dedicated Virtual Private Cloud (VPC) within AWS, with Intrusion Detection Systems (IDS) for proactive alerting.
Vulnerability and Patch Management
Regular scanning for vulnerabilities, automated patching schedules, and prioritized handling of critical patches.
DDoS Mitigation
Distributed Denial of Service mitigation is provided via AWS Shield.
Application Security
Security “baked” into products, processes, and personnel with annual training on secure coding for developers. Static and dynamic security scans integrated into development and QA processes.
Third-Party Penetration Testing
Annual tests conducted with external penetration testing vendors, with remediation of findings.
Encryption Protocols
Encryption at rest for stored data, session cookies, and backups. Robust encryption in transit using TLS 1.2 / HTTPS, with the option to add a secure IPsec tunnel.
Authentication and Access Controls
Integration with Single Sign-On (SSO) and Multi-Factor Authentication (MFA) solutions for secure user authentication.
Role-Based Access Control
Administrators can set user roles according to the principle of least privilege.
Compliance & Certifications
Commitment to meeting and exceeding industry compliance standards with annual audits.
GDPR Compliance
Compliant with the General Data Protection Regulation (GDPR) since its inception in May 2018.
Corporate Security Practices
Employees undergo annual general security and data privacy training.
Information Security Policies & Procedures
Adherence to ISO 27001 framework for policies and procedures.
Office & Endpoint Security
Secured offices with keycard access, 24/7 monitoring, and redundancy. Employee laptops equipped with encryption, antivirus, and advanced malware detection.
Business Continuity
Built-in cloud-based continuity, enabling seamless operations globally.
Background Checks
All new hires undergo background checks, ensuring a secure work environment.
Brightfin is steadfast in its commitment to delivering a secure and reliable platform, continuously evolving to meet the highest standards of data protection and security.