SOC 2 Compliant - You Can Trust Your Data with bipp
Compliance and Certifications
bipp has achieved SOC 2 Type 2 certification, which confirms our internal controls meet enterprise standard security and availability standards. We are invested in building a BI platform that exceeds our corporate clients’ complex data security needs.
Our Principles
Earn trust
Good security is at the core of earning trust. We’re always working to enhance and improve our data security for clients who rely on us to secure the data that drives their business decisions.
Client data first
By design, bipp does not store client data. Our data platform sits on top of your existing database, using a secure connection to directly query your data warehouse.
Your data, your controls
We give our clients the controls they need to protect, govern, and access their data, with fine-grained project/dataset/data model level, group level and role level control.
End-to-end platform and data security
We employ strong encryption for data at rest and in transit while adhering to the most stringent software development security and training programs. We’re constantly working to protect our customers’ data and routinely patch our systems. bipp undergoes regular penetration testing by third party experts to ensure the platform’s design and functionality. Additionally, we monitor over 100 security controls, from employee onboarding to vulnerability scanning.
Data protection and access controls
Security at bipp is not a one-time activity. True protection comes through our security strategy that covers all aspects of our business. We commit to constantly investing in new ways to protect your data and our platform. bipp uses secure connections to any modern data warehouse while respecting existing role-based access. Beyond these basics, we also support Single Sign-On (SSO) and multi-factor authentication to govern and audit data access. Our enterprise clients can also control access to sensitive information using row and column level security.
Privacy by design
We are responsible for protecting our customers’ data and individual data privacy rights and believe that frameworks such as GDPR and CCPA are beneficial for protecting the information of individuals. Through data source-level granular access controls and user account restrictions, customers can tightly control what information is accessible to - and through - bipp.
For more information, please see our Security Statement, Privacy Policy and Terms-of-Service. If you have a question, concern or believe you may have identified an issue, please contact us at security@bipp.io.