Security at BAM-SSO
Security is at the core of everything we do. We implement industry-leading practices to protect your data and ensure the integrity of your authentication infrastructure.
Security Infrastructure
Our platform is built with security-first principles and implements multiple layers of protection:
Encryption
All data in transit is encrypted using TLS 1.2+, and data at rest is encrypted using AES-256.
Authentication Protocols
Support for SAML 2.0, OAuth 2.0, and OpenID Connect with industry-standard implementations.
Multi-Factor Authentication
TOTP, SMS, hardware tokens, and biometric authentication options are available.
Access Control
Role-based (RBAC) and attribute-based (ABAC) access control with fine-grained permissions.
Audit Logging
Comprehensive audit trails of all authentication and authorization events.
Threat Detection
Real-time monitoring and detection of suspicious activities and anomalies.
Compliance & Certifications
BAM-SSO complies with major regulatory frameworks and industry standards:
- GDPR: General Data Protection Regulation compliance for EU data protection
- CCPA: California Consumer Privacy Act compliance
- SOC 2: Service Organization Control compliance
- ISO 27001: Information Security Management System certification
- HIPAA: Health Insurance Portability and Accountability Act compliance
- PCI DSS: Payment Card Industry Data Security Standard compliance
Data Protection
Data Encryption
All sensitive data is encrypted using industry-standard algorithms:
- TLS 1.2+ for data in transit
- AES-256 for data at rest
- Secure key management with HSM (Hardware Security Module) support
Data Retention
We maintain data retention policies that comply with regulatory requirements and best practices. Users can request data deletion subject to legal and contractual obligations.
Data Backup
Regular automated backups with geographic redundancy ensure data availability and disaster recovery capabilities.
Vulnerability Management
We maintain a comprehensive vulnerability management program:
- Regular security assessments and penetration testing
- Automated vulnerability scanning
- Responsible disclosure program
- Prompt patching and updates
- Security incident response procedures
Network Security
Our infrastructure is protected by:
- DDoS protection and mitigation
- Web Application Firewall (WAF)
- Intrusion Detection and Prevention Systems (IDS/IPS)
- Network segmentation and isolation
- VPN and secure tunneling options
Access Control & Authentication
We implement strict access controls:
- Principle of least privilege
- Multi-factor authentication for all administrative access
- Session management with timeout controls
- Audit logging of all access events
- Regular access reviews and revocation
Security Monitoring & Incident Response
Our Security Operations Center (SOC) provides 24/7 monitoring:
- Real-time threat detection and alerting
- Incident response team on standby
- Forensic analysis capabilities
- Regular security training for staff
- Incident communication and transparency
Third-Party Security
We carefully vet and monitor all third-party vendors and service providers:
- Security assessments of vendors
- Contractual security requirements
- Regular audits and compliance checks
- Data processing agreements (DPA)
Security Best Practices for Users
To maximize security, we recommend:
- Use strong, unique passwords
- Enable multi-factor authentication
- Keep your credentials confidential
- Report suspicious activities immediately
- Keep your devices and software updated
- Use secure networks when accessing SSO
Reporting Security Issues
If you discover a security vulnerability, please report it responsibly to:
Email: support@bam-sso.com
Please do not publicly disclose the vulnerability until we have had time to address it. We appreciate your help in keeping BAM-SSO secure.
Contact Us
For security-related questions or concerns:
- Email: support@bam-sso.com
- General Inquiries: info@bam-sso.com