Latest Update: May 17, 2021
At Bryq, we take security and availability very seriously. Below is an overview of the measures and precautions we take to secure our customer data and keep it safe.
Third-Party AuditingBryq undergoes SOC 2 Type II audits annually, verified by third-party auditors.
We contract third party security auditors annually for penetration testing and vulnerability assessments, comprising a variety of activities, such as infrastructure testing and targeting OWASP and WASC vulnerabilities.
InfrastructureBryq’s computing infrastructure is provided by Amazon Web Services, a secure cloud services platform. Amazon’s physical infrastructure has been accredited under ISO 27001, SOC 1/SOC 2/SSAE 16/ISAE 3402, PCI Level 1, FISMA Moderate and Sarbanes-Oxley.
Access to our infrastructure is tightly controlled and monitored. In addition to strong security controls, we make sure that the data we collect remains available through daily backups, and is retained for 30 days.
ApplicationsAll communications between clients and our servers enforce https and are encrypted with 256-bit SSL/TLS encryption. Passwords are always encrypted and never stored in cleartext.
All data access is protected by a role-based access-control mechanism, which only lets users view data for which they have permission. It’s impossible for users to view data from organizations other than their own.
All stored data is encrypted at rest using 256-bit Advanced Encryption Standard (AES-256).