Compliance
Security, Compliance, Reliability & Privacy
Certifications and Compliance Standards
We obtain industry-accepted certifications and comply with current industry standards and regulations so you can feel confident that your company and customer data remain secure and compliant.
SOC2
SOC 2 (System and Organization Controls) is a regularly refreshed report that focuses on non-financial reporting controls as they relate to security, availability, and confidentiality of a cloud service.
SOC3
SOC 3 (System and Organization Controls) is a regularly refreshed report that focuses on internal controls as they relate to security, availability, and confidentiality of a cloud service.
PCI - DSS
The Payment Card Industry's Data Security Standard is an information security standard for the handling of credit card information. BraveSoft have achieved PCI certification.
HITRUST
The HITRUST CSF is an industry-agnostic certifiable framework for regulatory compliance and risk management.
BraveSoft have achieved HITRUST CSF certification.
Vendor Management and Security Assessment Program
Our data centers, co-location, and managed service providers undergo a thorough security assessment as a part of the evaluation process and then undergo regular SOC1, SOC2 and/or ISO/IEC 27001, PCI and HITRUST audits thereafter. In the event these audits have material findings, which present risks to BraveSoft or our clients, we work closely with the vendor to track their remediation efforts until the issue has been resolved
SLA Response for Severity Issues
1
Minute SLA for Severity 1 Incidents
1
Hour Regular Update Communications
1
Minute on Average Incident Response