Security at Bizy
We're committed to protecting your data with enterprise-grade security measures.
Our Commitment to Security
At Bizy, a product of Agentic I.T. Solutions, we are committed to ensuring the security and privacy of your data. We implement comprehensive security measures to protect your information and ensure the reliability of our platform. Our security approach is built on multiple layers of protection, continuous monitoring, and industry best practices.
Data Security Measures
Infrastructure Security
Our infrastructure is hosted in enterprise-grade data centers with strict physical access controls, redundant power systems, and environmental protections. We employ multiple layers of network security and maintain regular, encrypted backups.
Data Encryption
All data transmitted between your devices and our servers is encrypted using industry-standard TLS/SSL protocols. Sensitive data stored in our databases is encrypted using AES-256 encryption standards.
Access Controls
We enforce role-based access controls, require multi-factor authentication for administrative access, and follow the least privilege principle for all system access.
Application Security
Secure Development Practices
Security considerations are integrated into our development process from inception to deployment. All code changes undergo peer review and we regularly update third-party dependencies.
Testing and Validation
We perform regular security assessments, including penetration testing and vulnerability scanning. Our code undergoes automated security scanning as part of our CI/CD pipeline.
Authentication and Authorization
We implement secure password policies, offer multi-factor authentication options, and securely manage user sessions with appropriate timeout periods.
Operational Security
Monitoring and Incident Response
Our systems are continuously monitored for unusual activities or potential security threats. We maintain a comprehensive incident response plan and use automated alerts for suspicious activities.
Employee Security
All employees undergo regular security awareness training. We conduct appropriate background checks and enforce clear security policies.
Vendor Management
Third-party vendors undergo security assessments before integration, and we maintain appropriate SLAs to ensure security standards are met.
Compliance and Certifications
Regulatory Compliance
We comply with Philippine data protection regulations, including the Data Privacy Act of 2012 (Republic Act 10173) and requirements set by the National Privacy Commission.
Regular Audits
We conduct regular internal security audits and periodic external security assessments to validate compliance with our security policies.
Business Continuity
Disaster Recovery
We maintain comprehensive disaster recovery plans and regularly test procedures to ensure business continuity in case of disruptions.
Redundancy
Critical systems feature redundancy to minimize service disruptions, and data is backed up across multiple geographic locations to ensure availability.
User Responsibilities
Account Security
Users are responsible for maintaining the security of their account credentials. We recommend enabling multi-factor authentication where available.
Security Awareness
Users should be vigilant against phishing attempts and suspicious communications. Report any security concerns promptly to our support team.
Reporting Security Concerns
If you discover a potential security vulnerability or have security concerns, please contact our security team immediately.
Changes to This Security Policy
We may update this Security Policy periodically to reflect changes in our practices or for legal and regulatory reasons. We will notify users of significant updates through the platform or email.