Compliance

Security, Compliance, Reliability & Privacy

Certifications and Compliance Standards

We obtain industry-accepted certifications and comply with current industry standards and regulations so you can feel confident that your company and customer data remain secure and compliant.

SOC2

SOC 2 (System and Organization Controls) is a regularly refreshed report that focuses on non-financial reporting controls as they relate to security, availability, and confidentiality of a cloud service.

SOC3

SOC 3 (System and Organization Controls) is a regularly refreshed report that focuses on internal controls as they relate to security, availability, and confidentiality of a cloud service.

PCI - DSS

The Payment Card Industry's Data Security Standard is an information security standard for the handling of credit card information. BraveSoft have achieved PCI certification.

HITRUST

The HITRUST CSF is an industry-agnostic certifiable framework for regulatory compliance and risk management. BraveSoft have achieved HITRUST CSF certification.
Vendor Management and Security Assessment Program

Our data centers, co-location, and managed service providers undergo a thorough security assessment as a part of the evaluation process and then undergo regular SOC1, SOC2 and/or ISO/IEC 27001, PCI and HITRUST audits thereafter. In the event these audits have material findings, which present risks to BraveSoft or our clients, we work closely with the vendor to track their remediation efforts until the issue has been resolved

SLA Response for Severity Issues

1
Minute SLA for Severity 1 Incidents
1
Hour Regular Update Communications
1
Minute on Average Incident Response
Scroll to Top