Blueboard is committed to protecting our corporate brand and meeting all of our regulatory obligations. We embrace the concept of defense-in-depth to ensure robust security controls are in place at multiple levels in order to meet the most demanding security requirements.
Blueboard’s security program and controls are based on industry best practices and frameworks, including NIST Cyber Security Framework.
As part of our commitment to information security Blueboard undergoes annual third-party audits and assessments— such as SOC 2 Type 2, risk assessments, and external penetration tests— which are used to identify gaps, correct flaws, and manage risks to acceptable levels.
Blueboard is required to meet both GDPR, as well as the California Consumer Privacy Act (CCPA). We are both financially and culturally committed to meeting the terms and obligations of these pieces of legislation.
Blueboard uses OWASP frameworks to make sure security is “baked in” to our customer-facing web applications.
We regularly scan for security vulnerabilities in our web applications and user endpoints. All critical and high-level security vulnerabilities are remediated in an expedited fashion. Any breach of security— actual or suspected— is reported to and investigated by the Blueboard Information Security Team.
At Blueboard, we take a “layered approach” to protecting assets. Which means we embed technical security controls within organizational practices to create strong layers of defense.
We believe people are the strongest security control. Each Blueboard employee goes through mandatory, ongoing security awareness training. Our security team measures and reports on results, and acts on any identified opportunities for improvement.
Blueboard relies on both passive and active physical security controls, designed to protect our assets and employees from various types of attacks, such as sabotage, damage, and criminal activity.
If you have any questions about this Security Statement or want to learn more about our security practices, please contact us at firstname.lastname@example.org.
Connect with our team for a personalized demo of our recognition and rewards platform and see our hand-curated experience menus.Let's talk