75% of customers report that they wouldn’t purchase from a company they didn’t trust to protect their data. This is understandable. With the increasing prevalence and sophistication of cyberattacks, the issue of cybersecurity is at the forefront of most people’s minds – particularly those adopting new technology in their homes and businesses. These individuals need to be able to trust those who are handling their information. This is why we at BrainBox AI , who deal with data daily, work continuously to uphold our customers’ confidence by maintaining data security protocols, following industry best practices, and maintaining our SOC 2 certification.
What is data security?
Data security is a set of standards and technologies that protect digital information from being intentionally or accidentally destroyed, modified, or disclosed. It encompasses every aspect of information security, from the physical security of hardware and storage devices to administrative and access controls. It also includes the security of software applications and organizational policies and procedures.
When properly implemented and maintained, robust data security policies not only protect an organization’s information against cybercrime, but they also safeguard against insider threats and human error (which remains one of the leading causes of data breaches today). That’s why regulations and policies are in place and should be complied with on a consistent basis.
How do we at BrainBox AI protect our customers’ data?
“BrainBox AI takes data security seriously. Even in our earliest design phases, we accounted for the fact that our product would need to incorporate strong technical controls in order to avoid introducing additional cyber risk to our customers’ systems,” says CTO of BrainBox AI, Jean-Simon Venne.
Since the installation of third-party systems into buildings and the connectivity of these systems themselves inherently introduce risk, BrainBox AI employs, and regularly updates, modern cyber security controls in each step of its operations to effectively mitigate the probability of a data breach.
“To collect a building’s data, we are going into that building, we are connecting to their BMS systems, and we are opening a connection back up to our cloud. Each facet in that pipeline of connectivity needs to be secure,” says Saeid Vosoughi, AI Architect at BrainBox AI.
Indeed, BrainBox AI’s solution involves the installation of a physical box in the mechanical room of the customer’s building. This box connects to a building’s HVAC master controller using industry standard protocols such as BACnet. It then collects data from the controller, such as:
Supply and return air speed and temperature
Current thermostat temperature and thermostat set-point temperatures
CO2 levels and air quality readings
Fan speeds and damper motor positions
Existing controller settings
It is important to note that we never collect any personal data (as defined by the Personal Information Protection and Electronic Documents Act). Nevertheless, we understand that our customers value the protection of all of their data, which is why, Vosoughi says, “our default is to assume that all of our customers’ data is confidential.”
This is why we go above and beyond to ensure every bit of the data we collect is encrypted at each stage of our process, following our own and our customers’ security protocols and policies. In addition to this, we are dedicated to consistently maintaining our security frameworks, ensuring they align with the guidance issued by the National Institute of Standards and Technology, and that our SOC 2 certification is up to date.
What is a SOC 2 certification?
SOC (which stands for Service Organization Control) is a compliance standard that, once obtained, proves that the holder of the certification has certain controls in place to maintain the integrity and security of the data they collect and work with.
SOC 2 is specifically focused on operations and compliance, especially with regard to cloud computing and data security. In order to maintain our SOC 2 certification, each year BrainBox AI must undergo a rigorous audit of our team and processes by qualified external auditors. In this audit, we are assessed on the extent to which we comply with one or more of the 5 trust principles based on the systems and processes in place: security, confidentiality, processing integrity, privacy, and availability.
BrainBox AI: your data’s sanctuary
Our SOC 2 certification is just one way in which we at BrainBox AI ensure that every step of our operations is safeguarded from data breaches and cyber security attacks. Our customers’ confidence and trust in us and in our processes are of utmost importance to us, which is why we are so committed to ensuring that all of our internal controls, policies, and procedures are evaluated against industry best practices with the ultimate goal of protecting our customers’ precious data.