As any SaaS product in modern times, Bynder is under continuous attack by hackers and malicious individuals who want access to our—and our clients'—confidential information. By continuous, we mean averaging over ten thousand technical attempts per hour, and daily attempts in person. As Bynder continues to grow in both size and public knowledge, and as information security itself garners more attention in the news, these attacks will only increase.
As Bynder's Chief Information Security Officer, I’m responsible for improving the product and organization’s security. I’ve been doing this to help Bynder become—and remain —the most secure SaaS digital asset management system with a strong privacy-first mindset.
Therefore, to reinforce our trust, technical strength, and awareness of our security systems, we acquired the ISO27001:2013 certification and achieved total HIPAA compliancy—proving that our mission to deliver a digital asset management system with a modern approach to development and growth is more than viable.
Right now, we're working towards finalizing security standards set by the Payment Card Industry Data Security Standard (PCI-DSS) v3.1. This standard is meant to protect information about people, and their payment details, used on any online platform, such as websites, e-commerce platforms, and other online services. Compliance with the world-renowned PCI-DSS completely matches Bynder’s priority to provide an easy-to-use trustworthy system that safeguards all of your digital assets against theft or loss and maintaining the same security standards you would have for your credit card details, applied to digital assets that are stored in your portal.
Thanks to our existing security standards, Bynder is already mostly compliant, but to ultimately meet the requirements of the PCI-DSS standard, the Bynder portal needs to be accessible only over modern and secure protocols. To comply with this, Bynder will only support TLS 1.2 and newer from July 2017 onwards, meaning that some browsers and applications—specifically Internet Explorer 10 and Java 7—will not be able to connect with Bynder. Internet Explorer 11 and newer, and Java 8 will continue to work as before.
We do, of course, understand that this will have an impact on some customers. However, as we’re responsible for millions of digital assets for over 450 international clients, we will continue to assess our product and related services to ensure that the solutions we offer adequately meet both customer needs' and the high bar we set for ourselves.
What’s next?
After we’ve formally implemented PCI-DSS, we’re always looking forward to finding better and stronger ways to strengthen our security and privacy promises, and raise the bar.
Bynder is already implementing a strong Business Continuity Management System (based on ISO 22301:2012) and preparing for Europe’s General Data Protection Regulation. These certifications and programs will contribute to the reliable and secure Bynder experience that you’ve come to expect.
Read more about our security measures in Privacy-first design: Bynder’s security e-Book.
Privacy-first design: Bynder’s security e-Book