At Blinq, we understand how important information security is to you and your business, and are committed to keeping your data private and secure.
We ensure that your data is protected both in transit and at rest, work only with reputable vendors, regularly test our infrastructure and have a security-first approach to our technology.
We don't sell or provide your data to third parties without your consent. It's just not what we do here at Blinq. Your data is yours to share with your network.
Blinq services and data are hosted in Google Cloud Platform. Google Cloud Platform is a trusted and reliable service provider that leads in security innovation and maintains a laundry list of globally recognised security compliance certifications including ISO 27001, ISO 27017, SOC I, II & III.
All data sent or received by Blinq is encrypted using TLS 1.2 in transit and 256-bit AES at rest. Secure Sockets Layer (SSL) certificates are provided by Google Trust Services and Lets Encrypt.
Google Cloud Logging is used to govern all operations and actions taken using Google Cloud Platform.
Logs are retained for a minimum of 1 year.
Blinq uses LogRocket and Google Cloud Platform for application logging and monitoring which allows us to diagnose and fix issues related to the Blinq application.
Error logs are stored in LogRocket for 60 days and are used to investigate issues raised via alerts. Logs within Google Cloud Platform are kept for 365 days and are de-identified.
Google Cloud Monitoring is used to monitor, log and alert on resource allocation and operational performance of the infrastructure of the Blinq web application.
Blinq uses Vanta to monitor security events and misconfigurations that includes privileged access management, publicly accessible infrastructure, employee compliance and logging that is not available elsewhere.
Backups are completed daily and tested weekly. All backups are encrypted.
Blinq takes a zero trust approach to data access, server access & network access. Single sign-on (SSO), 2-factor authentication (2FA) and strong passwords are enforced on all systems and sub-processors that support Blinq. Access to customer data is limited to authorised employees who require it for their job.
Blinq has developed an extensive set of information security policies that govern employee behaviours that are regularly reviewed and updated.
All employees complete security awareness training at least annually.
All Blinq devices are remotely managed and monitored using Kandji.
Blinq’s commitment to security extends beyond our own internal standards. Every vendor used by Blinq has been reviewed to make sure it meets the same security requirements that we apply to ourselves at a minimum.