Bridgit is proudly SOC 2 Type 2 certified. We take a layered approach to ensure your data is always safe, secure, and available to you at all times.
Bridgit products include robust permissions and data protection that allow for greater control over the Bridgit products include robust permissions and data protection that allow for greater control over the accessibility to your data.
Our trusted infrastructure protects your data at every level.
Bridgit applications are routinely checked against the Open Web Application Security Project (OWASP) top vulnerability list.
We ensure you always have access to your data with 99% uptime for Bridgit applications.
Bridgit Bench is hosted on AWS in North America. All customer data is stored in AWS in the US. More specifically: We host on the west coast across multiple Availability Zones and have Disaster Recovery infrastructure in central US.
Yes, customer data in Bridgit Bench is backed up continuously and the backups are encrypted at rest. Customer data is also replicated across availability zones.
Yes, Bridgit has a Disaster Recovery and Business Continuity Plan. This can be shared with a signed NDA in place.
By default, we retain customer data for the duration of your contract. If a customer requests deletion of their data, we will delete their data within 90 days unless legally prohibited. Customer data that is part of the historical data import prior to implementation will be retained only as long as needed by the implementation team and will be deleted within 100 days of collecting the data from the customer.
Bridgit currently has certification for SOC 2 Type 2. Bridgit has no other security compliance/certifications at this point in time. SOC 2 Type 2 report can be shared with a signed NDA in place.
All access to Bridgit REST API endpoints require an access key and are secured with TLS. This access key can be regenerated on demand by customers. Learn more about our Open API here.
Integrations with other applications are all opt-in and authenticate via OAuth or other applicable mechanisms required by the third party application. Integrations can be disabled at any time.
It is mandatory for employee computers to have strong passwords, encrypted disks, firewalls, and, where applicable, inbound and outbound network traffic monitoring and alerting.
“There is a newdawn of workforce management, combining historical and situational data with experience. Bridgit Bench is your foundation to the future.”