Data matters. We keep it safe.
Protecting your data is our top priority. Our Information Security Management System (ISMS) has been established to secure business operations and ensure that our products protect our customers’ information, enabling the competitive edge to proactively attract, engage and retain the right talent.
Compliance and Certifications
This internationally recognized standards-based approach to security demonstrates our commitment to security. Beamery has been continually ISO 27001-certified since 2010.
Certification Number: IS 715495
SOC 2 TYPE 2
This is an independent assessment of our control environment, which reports on our controls system and its suitability. The SOC 2 report is based on the AICPA’s Trust Services Criteria and is issued annually.
Beamery is in full compliance with General Data Protection Regulation (GDPR) and has specific tools and processes to help customers in their own compliance with GDPR requirements.
CSA STAR Level 1
Beamery self-assesses against the Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR) Questionnaire (CAIQ) biennially, providing our customers with an in-depth view of our control environment.
We are compliant with the California Consumer Privacy Act (CCPA) intended to enhance privacy rights and protection of Personal Information and extend the same level of protection to all those in the US.
Programs and Practices
We’re hosted in the Google Cloud Platform (GCP) who provide industry-leading data center physical security controls. We rigorously enforce physical security at all our locations, with access controls, visitor monitoring, and CCTV.
We test the Beamery platform, conducting vulnerability scans and penetration testing at least twice a year. We also restrict access to the Beamery Platform on a least-privilege, need-to-know basis with security controls, firewalls and encryption.
Security is everyone’s responsibility at Beamery. All employees undergo annual security, privacy and compliance training. Our Security Working Group provides ongoing direction and oversight with regular internal audits at each location.
Background screening checks are conducted on all employees . Beamery employees only access, use, disclose and transfer customer data according to our contractual agreements and/or at our customers’ direction and in line with all applicable laws and regulations.
We have disaster recovery and business continuity plans to ensure that Beamery critical services are supported and data is recoverable. These are tested annually and cover region loss and total loss of cloud provider, with an RTO of 24 hours.
We’ve embedded a holistic privacy program into our company processes and services offering, from initial design through release. This program, built on our philosophy of Privacy by Design, guides how we develop products and operate our company.
We default to transparency
Trust is paramount when it comes to successful partnerships which is why we have put together these Trust Center resources with all the information you need to understand how we protect your data.
As a company, we live and breathe security and privacy every day. We have embedded this into our core company culture with a foundation and trust built on “Security and Privacy By Design”.
Encompassing our architecture, network security and access control we understand the true value of “defense in depth" and layered approach to security.