Enterprise-grade security

At Blockbax, we engineer our platform for mission-critical applications, ensuring that security is not just a feature, but a foundation of what we build.

27001 complianceISO 27001 compliance

Blockbax has undergone an ISO/IEC 27001:2022 audit by an accredited auditor. Statement of applicability and certificate available upon request.

GDPR complianceGDPR compliance

Committed to compliance with EU’s General Data Protection Regulation (GDPR), Data Processing Agreement (DPA) available upon request.

UptimeUptime and availability

We offer 24/7 support, and uptime guarantees and give full transparency into our platform status (historically > 99,99%).

NIS2 complianceNIS2 compliance

Committed to compliance with EU’s expanded Network and Information Security directive (NIS2).

External testingExternal testing

We conduct regular third-party penetration tests and welcome responsible disclosure to identify security weaknesses before they can be exploited. Pentest report available upon request.

Identity management and access control

We offer robust identity management and granular access control.

Role-Based Access Control (RBAC)Role-Based Access Control (RBAC)

Effectively manages user permissions to restrict certain functionality and access to specific resources (like specific assets).

SAML 2.0SAML 2.0

Blockbax offers SAML integration for the main identity providers (Microsoft Entra ID / Azure AD, Okta, and more).

Single Sign-On (SSO)Single Sign-On (SSO)

Centralize authentication and control by letting users log in with existing corporate credentials.

MFA supportMulti-factor authentication (MFA)

An extra layer of security through multiple verification steps.

Audit logsAudit logs

Keep a record of your users’ activity enabling traceability, accountability, and rapid incident response.

Data protection

Blockbax is built on the foundational security principles to safegaurd the confidentiality, integrity, and availability of your data.

Data encryptionData encryption

Blockbax enforces encryption on all connections to encrypt data in-transit with TLS 1.2 or higher. All data at-rest is secured using AES 256-bit encryption.

Data backupData backup

Automated, encrypted backups and tested recovery processes.

Data retentionData retention

Clear policies and configurations for retention, access, and deletion.

Data ownershipData ownership

You retain all ownership and control over your data.

Data residencyData residency

Data is only stored in EU-located data centers.

Blockbax is trusted by great companies

RSM Erasmus Enexis TBI Gemeente Rotterdam Aquon Breman Juuva

Have questions about security, privacy, or compliance?

Our team is ready to provide you with the information you need.