Commitment to Excellence in Security
At MindBridge Ai, we aim to make our Ai Auditor platform secure from the ground up. We recognize that our customers entrust sensitive data to us and that it is our obligation to uphold that trust. Security is addressed in our infrastructure, our development practices, and in our operations. We apply industry standards and best practices to go beyond compliance and achieve security excellence. We also recognize that our clients have compliance concerns and we are committed to providing assurance needed to address these concerns.
MindBridge Ai’s cloud services are hosted on secure cloud infrastructure. Our primary and back-up infrastructure providers are fully ISO27001 and SSAE 16 compliant. By choosing to use cloud services as our infrastructure, MindBridge Ai ensures our customers have the best in data center management and security.
Customer data is always protected. Customer data is encrypted using NIST approved algorithms (AES 256) using the most secure available protocols and implementations. All network connections are encrypted. This includes the connection between our customers and our service; connections between primary and back up storage, and connections between our support and our service. All data stores, both primary and backup are encrypted at all times.
Each Ai Auditor customer is set up with their own dedicated database and storage. There is no interaction between customers and no mixing of data.
The Ai Auditor security architecture delivers true defence in depth. Our software stack deploys redundant controls in the infrastructure, network, platform and within the application, to ensure that there is no single point of failure. Operational security controls are similarly layered to protect our services from threats in the operating environment. Our rigorous and disciplined approach to development and testing, limits our exposure to supply chain threats.
Ultimately compliance and security are a shared responsibility. MindBridge works closely with our clients to provide the information and documentation needed to meet their regulatory obligations.