Bryghtpath is a company built on trust. No matter if it’s our internal data or yours, by working with our company you are trusting us to protect your most important information as you use our products and services. That’s why security & compliance have been top priorities for our organization.
Security Practices
- We are in the process of completing SOC Type 2 compliance, certifying that our security policies and controls continuously meet the highest industry standards. We expect this process to be completed in Q2 2022.
- We use TLS everywhere.
- Your data (and ours!) is encrypted at rest and in transit.
- We run 100% on the cloud using AWS (US-East).
- We have Amazon CloudTrail turned on at all times.
- We’ll notify you within 72 hours of learning about a data breach.
- All of our employees and contractors receive regular security training.
SOC 2 Compliance
Bryghtpath recently began an engagement with Vanta, the leader in automated security compliance, to bring the organization into full compliance with the Auditing Standards Board of the American Institute of Certified Public Accountants’ (AICPA) existing Trust Services Criteria (TSC). The purpose of this compliance and accompanying report will evaluate our information systems relevant to security, availability, processing integrity, confidentiality, and privacy.
We anticipate being in full compliance with the SOC 2 requirements by December 31st, 2021 with an initial SOC 2 Type 1 report being available in early Q1 2022 from our auditor. We’ll then enter into a period of continuous monitoring with a further issuance of a SOC 2 Type 2 report within a calendar year.
Questions / Contact
For more information or to obtain copies of our interim engagement details and reporting, feel free to contact us at any time.