Blueboard is an employee recognition and incentives platform powered by hand-curated experiences that make it easy to give meaningful employee rewards, incentives and gifts. At Blueboard, we believe great experiences matter and these great experiences include the protection and security of clients’ data. In addition, as a good net-citizen, Blueboard is committed to protecting our corporate brand and meeting all of our regulatory obligations.
Information Security Program Overview
Blueboard’s security program and controls are based on industry best practices and frameworks, including NIST CSF and OWASP. As part of our commitment to a robust information security program, Blueboard undergoes annual third party audits and assessments, such as SOC 2 Type 2 and internal risk assessments which are used to identify gaps, correct flaws, and manage risks to acceptable levels. Blueboard utilizes cloud service providers which have extremely high security standards and practices. Blueboard evaluates the security controls of prospective vendors before entering into any service agreements. This is done to ensure service providers have security controls that meet or exceed our own internal security requirements.
Blueboard encrypts all data in transit, in use, and at rest using TLS and AES-256 encryption. Blueboard is committed to maintaining the integrity, confidentiality, and availability of our systems and customer data. Any breach of security, actual or suspected, will be reported to and investigated by the Blueboard Information SecurityTeam.
Questions and Contacts
If you have any questions about this Security Statement or wish to communicate with us about our security practices, all inquiries should be addressed to firstname.lastname@example.org.