Bizagi Cloud Platform Security

Managing Access to Information

Bizagi offers a variety of configuration possibilities regarding user access to information and there are many levels on which you can configure those permissions.

•Defining performers

•Configuring access rights to menus and processes

•Setting up Case Security

•Setting up control properties on forms using expressions

•Custom building Widgets that comply with your security standards

•Configuring Business Keys for your entities

•Integrating the Authentication method of your choice

See: Managing Access to Information

Security controls

Bizagi implements security controls and measures for data integrity, confidentiality and availability aligned to leading information security standards and frameworks such as ISO 27001, NIST and FedRAMP.

•Access controls and Authentication

•Audit and Accountability

•Change Control and Configuration Management

•Incident Response

•Physical Security

•Role Based access control model

•Secure Software Development process

•Workforce Security

Network and infrastructure security

To provide a high level of security, in addition to other security controls , Bizagi Cloud Platforms relies on network isolation measures and security components such as:

•Application Gateway

•WAF

•Firewall

•Network Intrusion Detection System (IDS)

•Virtual Private network (VPN)

•Whitelist

Malware protection

Bizagi follows a malicious software detection and prevention process to maintain a secure environment for the Bizagi Cloud Platform customer including the timely application of patches, fixes, and updates to services and applications. Bizagi enforces Change Management and Vulnerability Management policies.

Data Security

To provide a higher data security level, as well as other security controls , Bizagi Cloud Platform features data encryption for data both at rest and in transit.

•Data encryption in transit (TLS)

•Data encryption at rest (TDE)

Risk Assessment and Vulnerability Management

Bizagi follows a Risk management methodology. The purpose of this methodology is to establish guidelines for information security and privacy risk analysis and management. Bizagi performs:

•Vulnerability Scanning.

•Internal penetration tests are performed for each update.

•External penetration test is performed at least once a year.

Penetration tests meets the OWASP and OSSTMM standards.

Logging and Continuous Monitoring

Monitoring and logging for Bizagi Cloud Platform services, applications, systems, data repositories, middleware and applicable infrastructure in general, is in place.

Logs are analyzed for anomalous behavior and monitoring of the service as a whole is conducted, so staff is alerted about any anomaly.

•Bizagi conducts 24x7 monitoring on the services and underlying technology of Bizagi Cloud Platform.

•Monitoring of the Bizagi Cloud Platform availability, resource consumption and performance.

Business Continuity and Operational Resilience

•Bizagi performs different type of backups of the production environment database.

•Bizagi Cloud Platform relies on Azure Availability zones to protect the service and customer data from data center failures.

•Reliability is designed for all underlying services of Bizagi Cloud Platform and especially enforced through a highly available storage layer.

•To increase the reliability of Automation Service, Bizagi offers Disaster Recover services (DR).

See: Reliability

Regulatory compliance

Bizagi is compliant with global regulations.

•Bizagi is HIPAA compliant.

•Bizagi is GDPR compliant.

•Bizagi is FedRAMP authorized.

•Bizagi is ISO 27001 certified.