Security at BemiDB

Security is our highest priority. We are committed to implementing best practices and keeping our customers’ data safe.

SOC 2

BemiDB is SOC 2 Type I compliant. This security and compliance standard ensures that we store and process client data securely. Paid plan customers can purchase an add-on to receive our external SOC 2 report.

HIPAA

BemiDB is HIPAA-compliant. These security and privacy regulations ensure that we protect sensitive patient health information. Paid plan customers can request to sign our BAA after purchasing an add-on.

Data encryption

Data at rest and all customer credentials are automatically secured with military-grade AES-256 encryption. Database traffic is encrypted via TLS in transit. Web traffic is encrypted via HTTPS in transit.

Backups & availability

All customer PostgreSQL data is stored in object storage providing 99.999999999% durability. Additionally, our cloud platform uses PostgreSQL with periodic backups to ensure data integrity and high availability.

Network restriction

All customers can use SSH tunneling. Paid plan customers can also restrict network access by using a private VPN tunnel, customizing IP access rules for their BemiDB databases and using BemiDB static IP addresses when connecting.

Data isolation

Data from each database is synced and processed in a provisioned, container-isolated environment. Customers’ data is stored in separate dedicated S3 buckets with unique credentials.

Vulnerability management

BemiDB uses continuous software vulnerability scanning tools to scan the codebase. In addition to internal security reviews, we perform regular security audits to identify and remediate potential vulnerabilities.

Payment processing

BemiDB uses Stripe to process online payments and does not store personal credit card information for any of our customers. Stripe is a certified PCI Service Provider Level 1, which is the highest level of certification in the payments industry.

Open source

The BemiDB database is entirely open source, allowing developers to find and fix security vulnerabilities. This transparency enables community scrutiny and rapid patching of security issues.

Report a security vulnerability

Get in touch with our security team to disclose any security concerns.