Bitrix24 is the most secure collaborative cloud solution. Your data is highly secure and accessible only to you and your colleagues.
Bitrix24 uses Amazon Web Services to host your data in US (Virginia) or European Union (Frankfurt, Germany). You can purchase on premise editions of Bitrix24 to host it in your country or on your server. AWS also maintains the following certifications: HIPAA, GDPR, ISO 27001, SOC 1/2/3, Directive 95/46/EC and PCI DSS Level 1.
The Bitrix24 OTP and Google Authenticator apps provide one-time password codes for two-step authorization in Bitrix24 and other Bitrix products. Even if your password is stolen, your account will not be accessible to a would-be hacker.
Even in cafes, airports and other places with public WiFi connections, passwords to Bitrix24 cannot be stolen. Users can confidently open Bitrix24 in public places through WiFi or mobile network connections.
Bitrix24 is accessed exclusively through an SSL connection, from intital authorization to the downloading and uploading of company data.
Bitrix has over 10 years of experience in providing the highest level of security for web projects. Bitrix24 benefits from all of this experience and technology, including Bitrix' own proactive Web Application Firewall, which categorically blocks the vast majority of attacks on web applications.
Bitrix offices are secured via keycard access and video monitoring system. Access to Bitrix24 servers is permitted to a small number of Bitrix employees, requires OTP and is limited by IP address. Bitrix maintains own cyber security department and uses external security consultants.
Bitrix24 uses two independent data centers and redundant clustering technology to make sure the service is maximally available.
Reserve copies of data are created daily.
At the level of the operating system, the Bitrix24 web server is behind a firewall where all ports are closed with the exception of those which are used for system purposes. Technical access to the server is carried out exclusively through Bitrix subnets.
All data centers used by Bitrix24 are protected in compliance with SAS 70 Type II (which includes access to the physical storage media based on biometric data and maximum protection against intrusion) and conform to the Safe Harbor standard.
User data (data of each company/client) is separated at the database and cloud storage levels. The data of different companies is isolated in such a way that there is no possibility of receiving access to access of another user by accident.
A specialized server environment which does not allow write access to the local file system is used along with a customized PHP module which ensures isolation among users and security of user data.
Authentication data sent by a client machine can be encrypted using JavaScript and RSA key. Additionally, OTP (one-time password) technology can be engaged in conjunction with an eToken.
Data transfer for all users is carried out via an SSL-encrypted connection (with a 256-bit key).
Bitrix' proactive protection blocks 100% of web attacks attempting to use application vulnerabilities. Malicious users do not have any opportunity to load malicious code via PHP. The web application conforms to WAFEC 1.0 standards. Access to Bitrix24 is provided to users (companies) in complete isolation from other users, with hashed passwords protected with cryptographically strong algorithms. Limitation to specific subnets and logging of potentially threatening activity is also possible.
Cookies: This website uses cookies for analytical and technical reasons. ‘Analytical Cookies’ are inserted by Google Analytics to help us understand which countries our visitors come from, which pages they visit and what actions they take on this site. ‘Strictly Necessary Cookies’, as the name implies, are a type of cookies that are required for proper functioning of certain features of this website, such as the ability to use live chat. Disabling these cookies will disable access to those features and degrade your website experience.
Cookies of both types can be enabled or disabled within this plugin.
More information about our Cookie Policy