Security

At BDEO we care about the security of your data, that's why we have the most demanding certifications in terms of security.

Here are the most important security features of the platform.

Here are the most important security features of the platform.

Our cloud service is hosted on the serverless infrastructure provided by AWS, a provider of which we are partners.

Our service developed with serverless technology is completely scalable and fault-tolerant without the need for resource provisioning, so you can use BDEO without fear of service degradation during high demand peaks.

All communications with BDEO are encrypted using HTTPS (TLS1.2) selected the latest and most secure cryptographic cyphers.

Data is not only encrypted while in transit over the network, it is also encrypted at rest, on our storage systems whether it is data, photos, videos or documents.

Our backups are performed using "PointInTime recovery" which allows us to perform data recovery at any previous point in time, without being limited to 1 point every 24 hours. The data remains in our backup system for a period of 35 days, after which it is permanently deleted.

You can check the health of the system in this dashboard

General Information 27001

ISO/IEC 27001 is a security management standard that establishes recommended security management practices and comprehensive security controls in accordance with the recommended practices of ISO/IEC 27002. The basis for this certification is the development and implementation of a stringent security program, including the development and implementation of an information security management system (ISMS) that defines how Bdeo consistently manages security in a comprehensive and holistic manner. This widely known international security standard specifies that Bdeo performs the following:

  • We systematically assess information security risks, taking into account the impact of threats and vulnerabilities.
  • We design and implement a comprehensive set of information security controls and other risk management mechanisms to address the security risks to which the client and the architecture are exposed.
  • We have an overall management process in place to ensure that information security controls meet our needs on an ongoing basis.

Bdeo is certified in accordance with ISO/IEC 27001, 27017 and 27018 standards. These certifications are carried out by independent external auditors. Compliance with these internationally recognized standards and codes of conduct demonstrates our commitment to information security in all areas of the organization and that Bdeo's security program is in line with leading industry best practices.

General Information 27017

ISO/IEC 27017 provides guidance on the information security aspects of cloud computing and recommends the implementation of cloud-specific information security controls that complement the guidance in ISO/IEC 27002 and ISO/IEC 27001. This code of conduct provides additional information security controls implementation guidance specific to cloud service providers.

What does ISO/IEC 27017 mean for you as a customer?

  • AWS's ratification of ISO/IEC 27017 not only demonstrates our ongoing commitment to align with globally recognized best practices, but also verifies that AWS has a system in place with highly accurate controls specific to cloud services.

General Information 27018

ISO/IEC 27018 is a code of practice designed to protect personal data in the cloud. It builds on the ISO/IEC 27002 information security standard and provides implementation guidance on the IEC/IEC 27002 controls applicable to personally identifiable information (PII) in the public cloud. It also provides a set of additional controls and related guidance to meet the requirements for protecting personally identifiable information in the cloud not covered by the existing set of ISO/IEC 27002 controls.

What does ISO/IEC 27018 mean for you as a customer?

  • The alignment demonstrates to customers that AWS has a system of controls in place that specifically addresses the privacy protection of their content. AWS's alignment with an independent third party assessment of this internationally recognized code of practice demonstrates AWS's commitment to customer privacy and content protection.

Information of interest to our customers

If you want to know more about how we manage the safety in service according to the reference standards, ask for the management procedure at info@bdeo.io.