We are committed to ensuring the security of your data. This article outlines BigTime’s encryption practices, system protection measures, and how you can report security concerns.
-
How does BigTime handle encryption?
BigTime uses a mix of encryption technologies to protect data in transit and at rest. All traffic and data are encrypted to ensure the highest levels of security.
-
How does BigTime protect its infrastructure?
BigTime follows industry-standard practices, including:- Regular reviews of security practices.
- Endpoint protection and monitoring.
- Use of AWS services like GuardDuty and Web Application Firewalls.
- Cloudflare DNS and enhanced protection against attacks.
These measures help ensure that our systems remain secure and resilient against threats.
-
How is administrative access to BigTime systems secured?
Administrative access is governed by the principle of least privilege:
- Access is restricted to only what is necessary for each role.
- Whenever possible, access is controlled through our centralized identity management platform.
- Multi-factor authentication (MFA) and activity monitoring are enforced to enhance security.
-
Does BigTime have written security policies?
Yes, BigTime maintains a variety of written security policies and procedures, which are communicated throughout the organization. These policies are regularly reviewed to ensure they meet industry standards.
-
Does BigTime enforce strong passwords?
Yes, BigTime requires strong passwords. Additionally, we support integration with most SSO providers to meet your organization’s authentication needs. -
How is user security organized within BigTime?
BigTime offers role-based permissions with a high level of customizability, enabling administrators to manage access to login, projects, reports, and other sensitive areas.
-
I think I found a vulnerability. How do I report it?
If you discover a vulnerability or suspect a breach, please report it to security@bigtime.net. Our team will review the issue and respond promptly.