Protecting your data and our services is our top priority. The availability, confidentiality, and integrity of your data are of utmost importance to your business, and to the BIRD team. Multiple safeguards are put in practice to protect this information, and we are constantly monitoring and improving our products and services.
- Fully controlled secure workspace deployment that includes ISO 27001:2013-compliant implementation and management by the BIRD Professional Services team
- Platform events audit logs are captured at user access, data and meta-data level
- Committed SLAs for patch and vulnerability management
Our professional services team is dedicated to ensuring that processes, people, and tools are all aligned to security regulations such as ISO 27001 and abide by privacy regulations such as GDPR, HIPAA, and others.
Secure transmission and sessions
BIRD products and services are connected through secure socket layer/transport layer security (SSL/TLS). Strong encryption and authentication (TLS 1.2 with SHA256 certificate) are used to ensure your users have a secure connection from their browsers to our services. Sessions are terminated after 30 minutes of inactivity or implicitly ended by a user sign out event.
A strong password policy with multi-factor authentication is implemented in BIRD by default. Users configure password strength and limitations on login attempts, and passwords are encrypted. Within the application, group and role-based access rights can be assigned, allowing full control over what a user can see and use. The application also maintains a detailed log of events, capturing items such as authentication, failed login attempts, every report and data modifications by a user.
Servers do not use passwords and require 2048 bit RSA keys to provide direct access to the box. All keys are unique to individual administrators or service accounts and are not shared. Network level firewalls prevent unauthorized traffic from reaching servers in the data center.
All data is backed up using daily and weekly images. Additionally, Master/slave replication ensures that database backups are hot-swappable. Backups and replications are not transported off-site, but rather are stored in different data centers from the BIRD application to ensure recovery in case of primary data center loss.