Trusted Data Center - Your data is secure
BIRD hosts our applications and your data with highly secured and trusted cloud computing providers. Here are some resources with additional context:
- Data Security
Secure transmission and sessions
BIRD products and services are connected through secure socket layer/transport layer security (SSL/TLS). Strong encryption and authentication (TLS 1.2 with SHA256 certificate) are used to ensure your users have a secure connection from their browsers to our services. Sessions are terminated after 30 minutes of inactivity or implicitly ended by a user sign out event.
A strong password policy with multi-factor authentication is implemented in BIRD by default. Users configure password strength and limitations on login attempts, and passwords are encrypted. Within the application, group and role-based access rights can be assigned, allowing full control over what a user can see and use. The application also maintains a detailed log of events, capturing items such as authentication, failed login attempts, every report and data modifications by a user.
Servers do not use passwords and require 2048 bit RSA keys to provide direct access to the box. All keys are unique to individual administrators or service accounts and are not shared. Network level firewalls prevent unauthorized traffic from reaching servers in the data center.
All data is backed up using daily and weekly images. Additionally, Master/slave replication ensures that database backups are hot-swappable. Backups and replications are not transported off-site, but rather are stored in different data centers from the BIRD application to ensure recovery in case of primary data center loss.