Security

At Blinq, we understand how important information security is to you and your business, and are committed to keeping your data private and secure.

We ensure that your data is protected both in transit and at rest, work only with reputable vendors, regularly test our infrastructure and have a security-first approach to our technology.

We don't sell or provide your data to third parties without your consent. It's just not what we do here at Blinq. Your data is yours to share with your network.

Security Logo

Infrastructure

Blinq's infrastructure logo

Data Hosting

Blinq services and data are hosted in Google Cloud Platform. Google Cloud Platform is a trusted and reliable service provider that leads in security innovation and maintains a laundry list of globally recognised security compliance certifications including ISO 27001, ISO 27017, SOC I, II & III.

Encryption

All data sent or received by Blinq is encrypted using TLS 1.2 in transit and 256-bit AES at rest. Secure Sockets Layer (SSL) certificates are provided by Google Trust Services and Lets Encrypt.

Logging

Google Cloud Logging is used to govern all operations and actions taken using Google Cloud Platform.

Logs are retained for a minimum of 1 year.

Blinq uses LogRocket and Google Cloud Platform for application logging and monitoring which allows us to diagnose and fix issues related to the Blinq application.

Error logs are stored in LogRocket for 60 days and are used to investigate issues raised via alerts.  Logs within Google Cloud Platform are kept for 365 days and are de-identified.

Monitoring

Google Cloud Monitoring is used to monitor, log and alert on resource allocation and operational performance of the infrastructure of the Blinq web application.

Blinq uses Vanta to monitor security events and misconfigurations that includes privileged access management, publicly accessible infrastructure, employee compliance and logging that is not available elsewhere.

Backups

Backups are completed daily and tested weekly. All backups are encrypted.

Governance

Blinq's governance logo

Access Management

Blinq takes a zero trust approach to data access, server access & network access. Single sign-on (SSO), 2-factor authentication (2FA) and strong passwords are enforced on all systems and sub-processors that support Blinq. Access to customer data is limited to authorised employees who require it for their job.

Security Policies, Training and Endpoint Management

Blinq has developed an extensive set of information security policies that govern employee behaviours that are regularly reviewed and updated.

All employees complete security awareness training at least annually.

All Blinq devices are remotely managed and monitored using Kandji.

Vendor Management

Blinq’s commitment to security extends beyond our own internal standards. Every vendor used by Blinq has been reviewed to make sure it meets the same security requirements that we apply to ourselves at a minimum.

Compliance

Blinq's compliance logo

Blinq is currently engaged in the process of SOC2 certification. Blinq is using Vanta to manage and monitor the security controls that meet SOC2 standards.Blinq is committed to abiding by the requirements of the Australian Privacy Policy and GDPR. For more information about how we collect, handle and process information including your rights view our Privacy Policy.