SECURITY

The Bia website is only accessible over HTTPS. Traffic over HTTPS is encrypted and is protected from interception by unauthorized third parties. Bia follows current best practices for security, including the use of industry standard TLS 1.2 and 1.3 encryption algorithms with a key length of at least 128 bits.

All data stored in Bia system is encrypted at rest using a strong encryption algorithm (AES-256). This data includes flows, connections, lookup tables, user profiles, flows history, and audit logs. Flows history data is double-encrypted using a global key managed by our cloud providers and a tenant-specific key.

Bia uses JWT authentication mechanism for secure communication with our backend APIs. Once the user is logged in, each subsequent request will include a JWT, allowing the user to access routes, services, and resources that are permitted with that token.

Bia system is built based on multitenancy principles where a single instance of the core system (Operator) is serving multiple clients & brands. Each client will have its own configuration with single database.

Bia systems application setup follows a standard RBAC (Role-based Access Control) system with a three-level model, consisting of users, roles, and permissions. All users are created and updated in the application and managed in a centralized manner.

Bia maintains an Activity Audit Log that enables administrators to see a record of users’ actions such as logging to client, changes details, update password, failed logging etc. For any event in which data is being modified, the log will include both old & new data values.