Security Statement

Beebot AI Ltd, (Beebot), is committed to protecting its information assets to satisfy the company’s business objectives and meet the information security requirements of its customers while maintaining the safety of individuals and protecting their right to privacy.

This Statement complements Beebot’s ISO27001 Information Security Management System, (ISMS), and provides a brief summary of the company’s internal security policies and procedures which constitute the security baseline that governs the company’s Software as a Service (SaaS) Platform, by adhering to “secure by design” principles.

Our ISMS confirms the commitment of the Beebot AI management team to information security and provides the
framework used to establish and continuously review our information security objectives and policies through a process of regular management reviews, risk assessments, regular internal and external audits and security incident reporting.

Beebot Information Security Principles Summary

  • Organisation of Information Security ensures “top-down” sponsorship and management of information security and data protection with appropriate segregation of duties where required.
  • All people who do work for Beebot are screened; are bound by confidentiality and non-disclosure agreements; and receive regular security awareness training.
  • An information asset register is maintained to control appropriate access rights; to inform patch management rules; and to inform incident responses.
  • Operation of an IT security policy and procedures that includes appropriate measures to protect all end-point devices.
  • A data classification policy ensures appropriate data handling; the principles of least privilege and “need to know” are applied to protect customer and personal data.
  • Data is protected by the appropriate enforcement of an encryption policy.
  • Appropriate physical controls are maintained at all Beebot owned sites to avoid intrusion and unauthorised access.
  • Beebot uses Microsoft Azure’s highly protected datacentres for hosting and protecting its SaaS platform and its business systems.
  • Operations operate procedures for change management, malware controls, event log management, secure backup and retention.
  • Network services and firewalls are hardened to protect information against emerging threats.
  • All software development is subject to a rigorous secure development policy which includes testing against known standards, such as OWASP, and the segregation of development, test and production environments.
  • Beebot’s platform is penetration tested by a specialist third-party firm annually as a minimum.  
  • Ensure that breaches of Information Security, (both actual and suspected), are reported and investigated by the Beebot management team and reported to the appropriate authorities.
  • Comply to GDPR regulations for both corporate and client information and the protection of that information against any unauthorised access.
  • Compliance with all regulatory and legislative requirements.
  • Maintain and regularly test disaster recovery and business continuity plans.
  • Maintain external independent security audits/compliance, e.g. ISO27001, Cyber Essentials, PCI compliance.

Heading

Read more

Heading

Read more

Heading

Read more
This statement shall be subject to on-going review and will be amended as necessary to ensure that it continues to be appropriate to the business needs of Beebot AI Ltd. All queries should be addressed to security@beebotai.com.