Security Features

Authenticate onto Bluecopa effortlessly.

Bluecopa has a secure software development lifecycle (SDLC) that integrates security into all stages of the development process, from feature requests to production monitoring. We use tooling to trace a feature through the lifecycle and to automate security scanning and vulnerability tracking of systems, libraries, and code.

Seamlessly manage access rights.

Role-based access control and comprehensive permissions ensure that only authorized users access data approved by the company administrator.

Gain more control with customer-managed keys.

We use AWS KMS (Key Management Service) at the control plane, which is the layer that manages the overall security of our system. On the data plane, which is the layer that stores and processes data, we use the cloud-specific key management system for each cloud platform. For example, we use KMS in AWS and Cloud Key Management in GCP.

Keep track of everything with audit logs.

A comprehensive audit logging tells you who logged in, when, for how long, and what they did. This helps track down security incidents and investigate them. We support both application and system audit logs.

Make the most out of data backups.

Easily configure redundant data backups and store them in durable cloud storage, such as Amazon S3 or Google Cloud Storage.

Get access to powerful encryption.

Data in transit is encrypted using TLS 1.3. All data at rest in the data plane cluster is stored in encrypted volumes specific to the cloud provider. Additionally, all databases and storage in the control plane are encrypted.

For example, in AWS, we use S3-SSE-S3 and AWS EFS-FIPS 140-2. All data stored by Google Cloud is encrypted at the storage layer using the Advanced Encryption Standard (AES) algorithm, AES-256. Google Cloud uses Tink, which includes a FIPS 140-2 validated encryption module, to implement encryption consistently across its cloud platform.