In this list you’ll find the answer on your question.
Who can enter BlueKnows?
BlueKnows is a SaaS tool (Software as a Service) accessible for all licensees within your organisation via their browser. A strict roles system secures our solution. We enable permission levels within the tool to be set for different types of users.
How does BlueKnows ensures the usage of safe passwords?
BlueKnows enforces a password complexity standard and uses OpenSSL to encrypt and decrypt (256 bits) credentials and sensitive data. The encryption algorithm is specified by the Advanced Encryption Standard (AES3).
Our API and application endpoints are TLS/SSL only. SSL/TLS certificates are used to secure network communications and establish the identity of BlueKnows over the Internet as well as resources on private networks.
Where is my data hosted and stored?
BlueKnows is built upon the low-code platform of Mendix (a Siemens company) and was built with disaster recovery in mind. Therefore, all infrastructure, services and data are hosted via the Mendix Cloud, using Amazon Web Services (AWS) facilities primarily in Frankfurt (eu-central-1) and with AWS back-up facilities in Ireland. Therefore, always continues to work if any one of those data centres fail.
All hosting and storage are fully aligned with the restrictive EU data protection laws. AWS is known for its rigorous security. For further information on their hosting compliance please visit AWS Amazon.
Does BlueKnows offers monitoring and regular back-ups?
On an application level, we produce audit logs for all activities. Further, all actions and activities within BlueKnows are logged in the database. Our database is backed up using the following schedule:
Nightly Backups: maximum 2 weeks history (counting from yesterday)
Sunday Backups: maximum 3 months history (counting from yesterday)
Monthly Backups (1st Sunday of each month): maximum 1 year history
Is two factor authentication available for BlueKnows?
Two-factor Authentication (2FA) adds a second authentication mechanism in addition to your password. At BlueKnows it’s our primary focus to keep your data safe and secure. Therefore, 2FA is standard available for all BlueKnows users. We make use of the Google Authenticator using a mobile application that is available on both IOS and Android. For Google 2FA, an internet connection on your mobile is not required.
Is Single Sign-On (SSO) available for BlueKnows?
Single Sign-on (SSO) allows you to authenticate users in your own systems without requiring them to enter additional login credentials. As a premium addon we can directly enable SSO when your IT infrastructure uses the SAP Cloud Platform. In all other cases we are happy to investigate the possibilities.
What other measures are taken to keep BlueKnows safe?
The Mendix platform on which BlueKnows is built is scanned for vulnerabilities continuously. Further, access to client data is limited to authorized BlueKnows team members who require it for their job. BlueKnows has a set of measures in place to guard the physical security of its employees and office. These are described in our internal security policy. All policies are updated frequently and shared with all employees.
What will happen in case of a data breach?
BlueKnows implements a protocol for handling security events and makes sure all employees are informed of our policies. In case of a ‘critical incident’ or ‘security breach’, BlueKnows will immediately inform its clients. We will take all necessary steps to reduce the impact and prevent a recurrence as defined in our breach protocol.