IT Security

Leading
edge security

The Brainloop solution’s security architecture enables you to work on and distribute strictly confidential documents both within and beyond the firewall.

With strong encryption and the protection of all documents from unauthorised access by internal and external attackers, you move collaboration on your data into a high-security environment.

Maximum security in operation every day:

  • IT security made in Germany, hosted in Germany or elsewhere in Europe
  • Hosting in highly available ISO 27001-certified datacentres in Britain, France, Germany, Austria, Switzerland and Luxembourg
  • Two-factor authentication to prevent social engineering attacks
  • Completely separate administration of the Dataroom Centre and the datarooms themselves
  • Encryption of database and file system
  • Restrictively configured firewall
  • Stringent provider and administrator shielding
  • Highly secure 256-bit AES-GCM encryption on servers, mobile apps and desktop clients
  • Highly secure 256-bit SSL/TLS encryption during data transmission
  • Integration of Information Rights Management technology (Adobe LiveCycle Management)
  • Security categories for consistent implementation of corporate policies
  •  External security audits of our applications several times a year

Certificates & Awards

Collaboration Room.png
ISO/IEC 27001:2013
Operation of all SaaS platforms

The ISO 27001 standard certifies that an information security system has been implemented for the secure operation of all SaaS platforms. During the implementation, the ISO 27018 standard was also established as a basis for data protection.

The recertification was completed in 2017 and is valid for three years. The certificate itself is valid for one year and is reissued following a control audit.

Collaboration Room.png
ISAE 3402
Operation of all SaaS platforms

The ISAE 3402 certification confirms that Brainloop has set up the appropriate control system structure for the operation of its SaaS platforms and complies with the predefined controls (Type II). The COBIT Framework was used as a basis for this.

Brainloop will send the detailed report to customers on demand.

Collaboration Room.png
Trusted Cloud Data Protection Profile
Brainloop Cloud Services

Brainloop BoardRoom, CollaborationRoom, DealRoom (based on the Secure Dataroom technology) and MyRoom all comply with the highest level of TCDP data protection requirements for subcontracted data processing services: TCDP Version 1.0 (protection category III, data recoverability level: high).

The data protection certificate is based on a catalogue of requirements that itself is based on international standards like ISO 27018.

Certificate Brainloop Secure Dataroom

Certificate Brainloop MyRoom

 

 
Collaboration Room.png
Security Audit
Brainloop Secure Dataroom Service

Brainloop commissions every year security audits carried out by alternating Experts. In 2017 Rapid7 Consulting conducted the penetrations test on our web application with the result that there were no deficits identified.

Further Tests:

2016: Cognosec (no critical deficits)
2015: SEC Consult (no critical deficits)
2014: SySS (no critical deficits)
2013: ERNW (no critical deficits)
2012: SySS (no critical deficits)
2010: n.runs (no critical deficits)

Collaboration Room.png
Security Audit
Secure Client for iOS and Android

Brainloop commissions every year security audits carried out by alternating Experts. In 2018 SEC Consulting conducted the penetrations test on our Secure Clients application with the result that there were no critical deficits identified.

Further tests:

2017: Rapid7 (no critical deficits)
2016: Cognosec (no critical deficits)
2015: SEC Consult (no critical deficits)

Collaboration Room.png
Security Audit
Brainloop MyRoom (Dox)

Brainloop commissions every year security audits carried out by alternating Experts. In 2017 Cognosec conducted the penetrations test on our web application with the result that there were no deficits identified.

Further Tests:

2015: SEC Consult (no critical deficits)

 
FINMA-RS 08/7
Brainloop Switzerland AG

BDO certifies that Brainloop complies with requirements relating to the long-term outsourcing of major business areas – in accordance with the circular 2008/7 of the Swiss Financial Market Supervisory Authority (FINMA-RS 08/7)..

Brainloop will send the detailed report to customers on demand.

Collaboration Room.png
IT Security made in Germany
Brainloop

Brainloop has officially declared that it fulfils the criteria of the TeleTrusT label: IT Security made in Germany.

These criteria include requirements like the development of reliable IT security solutions, the exclusion of any hidden backdoors, compliance with data protection regulations and conducting IT security research and development in Germany.

Collaboration Room.png
Brainloop Ranked 'Best in Test'
Brainloop is the best at adapting to a company’s security strategy.

Com! Professional, a top technology magazine ranks Brainloop's Secure Dataroom 'Best in Test'.

Having tested various data room solutions, Com! Professional announces that Brainloop is the best at adapting to a company’s security strategy. Brainloop's Secure Dataroom provides a traditional dataroom with advanced collaboration functionality. Access to the platform can be protected with two-factor authentication. Along with a user name and password, users also need a one-time pin that is sent to their mobile phone by SMS or email.

Need maximum data security for your company?

Start using your solution today.

Brainloop solutions are quick and easy to implement and intuitive to use. Users who work on PCs can already start working with them after a brief introduction. No IT knowledge is required to operate these secure solutions. Your company has immediate access to a dataroom available from anywhere in the world – and nobody can use it without your permission.

Learn more