BizAway prioritizes your security, that’s how we protect your data.
- Data encryption In-transit
- Frequent vulnerability scanning
- Periodic penetration testing
- Disaster recovery
- Incident management
Business continuity and technical security
Our platform and services have several measures in place to ensure high availability at all times.
We can guarantee service continuity and have disaster recovery procedures.
Among the various technical security measures adopted against cyber threats, we highlight Endpoint Detection & Response (EDR) technology.
Policies, certifications and payment security
BizAway adheres to the regulations set forth by the International Organization for Standardization regarding information security, specifically the ISO/IEC 27001 standard.
In this regard, BizAway has obtained certification from a leading international certification body for security standards (see certificate here).
All customer payment information is provided to an external provider compliant with the PCI-DSS standard.
Data protection & GDPR
We are Data Protection & GDPR compliant.
We have a personal data management system that processes data according to the principles established by the GDPR (2016/679): lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.
Our offices are protected by alarms and security checks 24/7.
Team, Access Control, and Third-party Providers
We ensure confidentiality, integrity, and availability of our clients’ data throughout the BizAway environment. We have a dedicated team that ensures security through frequent updates and special protocols.
Among the various security measures we’ve implemented, we highlight our system access, designed according to the principle of role-based access control. This means that only specific individuals can access resources strictly necessary for their business tasks.
We constantly monitor the correctness of assigned authorizations, ensuring there are no unauthorized accesses. Access keys are regularly changed, and all users employ two-factor authentication. Additionally, through frequent audits, we conduct periodic checks on roles and access authorizations to ensure they remain compliant with policies.
We have a vendor selection policy to identify those capable of following the best security practices, thus ensuring the safety of the information we entrust to them.
Our infrastructure is hosted by a leading global provider with various certifications in information security, including ISO 27001 and SOC 2.
Do you have any questions?
You can have all the additional answers or documentation you need through your sales representative.
We are sure to have the right solution for you.
Request a free trial.