Broker Buddha Platform Security

Overview

Our platform is your platform and we take security very seriously.  In addition to our Privacy Policy, which governs the way we use data on our platform, we have a robust security program to ensure that nobody else can gain access to our systems, data, or software.

Our security program evaluates, monitors and improves the security posture of our underlying systems on a regular basis. The program is comprised of technology (software) and as well as policies (legal agreements) and procedures.

Access Control

Our technology (application, services, data) is hosted in the cloud on logically isolated servers behind a comprehensive firewall with monitoring and alarms on each system. Access to our systems is limited by a centralized access-control list with multi-factor authentication required for all users.

Redundancy & Resilience

Our server side architecture is designed for scale and redundancy with daily backups, load balancing, and cross-region replication.  Through auto-scaling functionality, we’re able to add additional servers on-demand to ensure the highest levels uptime, response time and performance.

Logging & Monitoring

We conduct system and application logging of all interactions, including access to APIs, giving us the ability to quickly investigate issues and identify concerns.

We have a comprehensive network monitoring program in place with alarms to notify key personel in the event of an outage, attack or breach.

Encryption & Testing

All data is encrypted at rest (AES-256) and in transit (TLS 1.2). Vulnerability testing by a trusted third party occurs at regular intervals. In the event that a weakness is found, our Remediation Procedure requires immediate triage and fix within 48hrs.

Policies & Procedures

All employees are educated on company policies and procedures in the event of a natural disaster, system outage or network breach.