Is Brandfolder Secure?
SOC 2 Type 2 compliant
Brandfolder has completed its SOC 2 Type 2 audit for its security and confidentiality controls. This means Brandfolder has established processes and practices against these controls that have been validated by an independent third party.
- Independent third-party examination
- Gold standard security compliance for SaaS
- Strict security and confidentiality procedures in place
Brandfolder enables the right individuals to access the right resources at the right time. It provides a seamless and secure way for your organization to manage your digital assets. Other users can't see your brand assets in your Brandfolders unless you deliberately give them access or make your Brandfolder Public.
- SAML 2.0 SSO
- User management & permissions
- Privacy and Stealth Mode settings
Storage and delivery
An Enterprise DAM platform that offers quick, easy and secure upload and storage capabilities on a global scale. The underlying storage architecture behind Brandfolder is built atop Amazon’s AWS infrastructure-as-a-service platform, with support for Google Cloud Platform (GCP) as well. Brandfolder utilizes Amazon S3 for all object storage. Using Amazon S3, Brandfolder redundantly stores all data on multiple devices across three Availability Zones. All PUT and COPY operations for objects are synchronously stored across all Availability Zones before confirming that the data has been successfully stored, thus ensuring fault-tolerance. Once stored, Amazon S3 regularly verifies the integrity of stored data using checksums. If corruption is detected, it is repaired using redundant data. By using Amazon S3, Brandfolder is able to effectively provide 99.999999999% durability and 99.99% availability of objects over a given year.
- S3 AWS Storage with a 99.99% uptime
- Globally distributed Content Delivery Network (CDN)
- Content ingestion network with lightning fast upload speeds
- Global storage locations in the US, Asia, Europe, and others
- Custom storage solutions for enterprise clients
All data traveling between a customer device and Brandfolder is secured with SHA256withRSA signed certificates and encrypted using HTTPS to protect against eavesdropping, tampering and message forgery. Brandfolder only accepts traffic from 2 whitelisted ports, and has built-in intrusion detection instrumented with monitoring and alerts.
Risk assessment and controls
Brandfolder IT reviews and regularly updates IT vulnerabilities, controls, and risk impacts. The assessment evaluates security vulnerabilities affecting confidentiality, integrity, and availability. Appropriate security safeguards are recommended, permitting management to make knowledge-based decisions about security-related initiatives.
Durability & back-ups
By leveraging Amazon Web Services (AWS) and Google Cloud (GCP), Brandfolder offers best in breed online and physical security measures, 99.999999999% durability and 99.99% availability of objects over a given year. Brandfolder ensures streaming replication backups so that no changes or updates are lost in the event of a disaster.
Amazon provides state of the art data center security, including around the clock staffing, video surveillance and intrusion detection systems. Authorized access is granted on a need to know basis. In the Brandfolder office, all workstations are regularly updated and monitored for malware protection. All administrative interfaces are accessed through key-card and/or 2FA user authentication.
Security and ownership
Your data is yours, and yours only. Brandfolder will protect your data from internal and external threats, making it the safest home for all of your important brand assets. We leverage built-in intrusion detection, advanced monitoring and alerts systems, encryption in transit and more measures to ensure data security.
- Regular security audits and pen testing
- Business continuity and disaster recovery procedures
- Internal and external data security
Reach out to Brandfolder Support at email@example.com to receive more security documentation or audit reports.