Security, privacy and compliance

BrainStorm is dedicated to protecting customer information. We employ gold-standard technology and abide by strict security practices to protect your data and privacy, ensuring the highest standards of protection for our customers.

Security

Authentication
  • Multiple authentication methods
  • Flexible security: single sign-on (SSO) and magic links/OTP
Availability
  • 99.95% uptime
  • Multi-cloud solution
  • 24/7 platform monitoring
  • Dedicated support team
Clustering
  • Clustering of services/nodes to prevent single-point failure
  • Automated penetration testing for threat detection
Data handling

Industry-leading technical controls and processes: rotating encryption keys, role-based access control (least privilege framework), encryption, and anonymization

Session controls

Admins determine permitted active session length for their users

Compliance

BrainStorm adheres to rigorous industry standards, including SOC 2 Type 2, ISO/IEC 27001, and the EU-US Data Privacy Framework, to ensure the protection and privacy of our customers' data.

  • AICPA SOC logo
  • BARR Certifications ISO 27001:2013 logo
  • EU-US Data Privacy Framework logo

Privacy

BrainStorm's privacy stance emphasizes responsible and transparent handling of personal information. We process personal data to facilitate access to our services and collect it directly through various interactions, always with the user's knowledge. BrainStorm does not sell or share your data with any third parties. We are committed to protecting user privacy in accordance with GDPR, CCPA, and other US state laws.

For more information, please review our privacy policy here.

Frequently asked questions

How does BrainStorm respond to security incidents?

BrainStorm follows an internal incident management policy which establishes guidelines and standards for mitigating risks from security incidents, including security breaches and data compromises. It emphasizes the importance of planning for incidents before they occur and ensuring effective security for systems, networks, and applications. If an incident occurs, the BrainStorm security team will create a response plan and promptly notify the affected parties. Follow-up will include lessons learned and security hardening to prevent similar events in the future.

Does BrainStorm follow a software development lifecycle policy?

Yes, BrainStorm adheres to an SDLC that outlines guidelines and standards for the management and control of BrainStorm's information security acquisition, development, and maintenance. It mandates that information security requirements be analyzed at the earliest planning stages of any system or application to ensure they are an integral part of business requirements.

How does BrainStorm manage its vendors?

BrainStorm has implemented a structured vendor review process where vendors are vetted based on the services they provide to BrainStorm. Vendor assessments are completed by reviewing vendor security policies and audit results to ensure vendor security measures are in line with BrainStorm standards.

Does BrainStorm process sensitive PII?

The data BrainStorm processes is limited to what is necessary for the platform and does not include sensitive PII.

Is data encrypted in transit and at rest, and what methods are used?

Yes, BrainStorm ensures that all customer data is encrypted both in transit and at rest. The encryption methods include 256-bit for symmetric encryption, 1024-bit for asymmetric encryption, TLS, and PGP.
