SECURITY

Data protection & data security

Securing personal and business-sensitive information within Brainial is our highest priority. Let us tell you all about the measures we take daily to safely manage your data.

ISO27001 Certified

Brainial is ISO 27001 certified by DNV, so that you can use Brainial with confidence.

Security measures

These are the security measures that are implemented within your Brainial environment to keep your data safe.

Operational measures

We have implemented relevant workplace measures to secure and restrict access to your environment.

Security measures

These are the security measures that are implemented within
your Brainial environment to keep your data safe.

Isolated data storage

To prevent a technical error from accidentally transferring data to another environment, we isolate all data per client in its own databases & buckets.

ISO27001 certified hosting

The hosting of the Brainial platform is in the hands of ISO 27001 certified partners & clouds. Located in the EU (the Netherlands, Germany & Belgium)

Encrypted data

All data must remain private. Therefore, whenever possible, we encrypt data in our databases and in transfer.

Advanced permissions

Within Brainial roles can be created where rights can be individually assigned. Every user can have one or more roles & layered permissions.

Audit & activity logging

Audit & activity logs can be viewed, so that certain actions of admins and users can be verified & monitored.

SSL certificates

Each component of Brainial is provided with an SSL certificate which encrypts all data & communication between user and server.

Operational measures

We have implemented these relevant workplace measures to secure
and restrict access to your environment.

Privacy by design

When developing new functionality within Brainial, data security is number one. Involved employees are trained to keep this in mind with every component.

Password management

Brainial staff works with encrypted password managers, and secured tokens & credentials. Password strength & age is automatically monitored

Automated deployments

Our infrastructure is set up so that releases are validated and executed through a standard procedure and usually take place without downtime.

Release & Patch policies

With our high release interval, we catch problems quickly and ensure that external components are updated quickly with the latest security patches.

Two-factor authentication

Management accounts of Brainial employees are equipped with 2FA (2 Factor Authentication).

Minimal PII data

We keep the exchange and storage of Personal Identifiable Information (PII) to a minimum.

AI specific measures

The core of our tendering software is powered by AI technology. It requires specific policies and measures that we have implemented to make sure our solution can be trusted. We have extended our ISO 27001 audit with these guidelines for AI.

AI & LLM Usage policy

This policy contains guidelines for the appropriate use of AI and LLM's within Brainial. It is important that all employees act and comply with this policy to ensure the quality and integrity of the output of our AI components.

OWASP for Large Language Models (LLM)

When training, fine-tuning and implementing Large Language Models we check and validate against the common LLM OWASP vulnerabilities. This ensures a safe use of LLM technology.

Additional downloads & information

Downloads

ISO 27001 Certificate Brainial

Statement of Applicability

Service Level Agreement (SLA)

Our OWASP for LLM Preventive Measures

Report a security incident

Do you suspect a vulnerability or security issue within Brainial, despite our strict security measures?
‍
Then don't hesitate to let us know as soon as possible via security@brainial.com so we can get to the bottom of it and take immediate action where necessary!

Mail security