Knowledge Management System Security You Can Trust
Reliability in knowledge management security is our commitment. Hundreds of companies rely on Bloomfire not only to centralize and access their mission-critical knowledge but also for the peace of mind that their valuable information is protected.
Trusted By Leading Brands
Today, we have over 300 customers across dozens of industries around the world, but our foundation is still the same. We’re continuing to innovate on our platform so that you can harness your company’s knowledge and make it available to all who need it.
Read our customer storiesTop-Level Security That Gives You Peace of Mind
Backup & Recovery
Bloomfire’s database is replicated across multiple AZs in real time, allowing us to continue operation with the loss of any single AZ. We also take snapshots of our data and store them apart from our servers throughout the day.
SSO Authentication
Set up single sign-on so users can navigate between systems without having to manage multiple passwords.
Role-Based Permissions
Control what information each user can access and contribute. Different role and permission settings let your system admins easily manage their teams in one centralized place.
Hosting
Bloomfire is hosted by Amazon Web Services, which ensures locked-down, privately-known locations and uses multiple security layers to prevent unauthorized access to hardware and infrastructure.
Certified Secure
We take every step necessary to protect your data. Our clients span industries with high security protocols and you can be confident that your data is safe and secure with Bloomfire.
Discuss Your Security NeedsSOC 2 Certified
We follow strict information security policies to remain SOC 2 compliant and keep your data secure in our cloud-based platform.
HIPAA-Ready
We recognize the importance of securely storing patient information, and we work with our healthcare customers to ensure their sensitive data is safe in our platform.
GDPR-Compliant
Whether you’re based in Europe or have customers in EU countries, you can rest easy knowing that Bloomfire takes the necessary steps to remain GDPR-compliant.
Yes, Bloomfire encrypts data at rest as well as user data in transit to ensure that login data is protected.
Yes. All pages on the platform is secured via SSL/TLS. We provide security support, vulnerability testing, reporting and uptime guarantees as part of our contracts when requested.
Bloomfire hosting is extremely secure. Our servers are hosted at SSAE 16 compliant facilities. Our hosting environment encrypts customer data using AES-256 at rest to keep your data safe. And all connections to Bloomfire are secured via SSL/TLS. We provide security support, vulnerability testing, reporting, and more to ensure uptime and data integrity.
Depending on the configuration, system administrators have access to add new members to the community. Provisioning can also occur using SCIM API that meets RFC 7643/7644. If your company uses Single Sign-on, we support SAML 2.0 as our standard for SSO.
Groups are used to create secure permissioning for restricted content. If a document is published to a group, only members of that group will be able to find it. If they aren’t in the group, they won’t see it. However, documents can be cross-published to different groups as needed, allowing you to maintain a single version that reflects updates across all groups when changes are made.
Our advanced reporting tools can be used to easily audit user activity and content engagement, including views, engagement, document downloads, search history, login history, and system information.
Depending on the configuration, data may remain on your existing cloud base storage or be uploaded to a Bloomfire platform tenant. Any data stored in Bloomfire is kept in SSAE-compliant facilities with encrypted backups and multiple storage locations.
We recognize the expectation of our customers to access a security compliance report from an external auditor. SOC 2 is more frequently preferred by our customers, and most importantly, we feel it helps us best maintain our focus on customer data security. ISO 27001 is an excellent security compliance program, and for a while, we ran both. Our audits showed there was a lot of overlap, and it was not necessary to maintain both. For those reasons, in 2022, Bloomfire has decided to adopt SOC 2 as our single security compliance program going forward.
Start working smarter with Bloomfire
See how Bloomfire helps companies find information, create insights, and maximize value of their most important knowledge.
Take a self guided Tour
See Bloomfire in action across several potential configurations. Imagine the potential of your team when they stop searching and start finding critical knowledge.