Security

Keeping your data secure requires constant vigilance. We are on it. Bluescape was designed from the ground up to meet the stringent requirements your enterprise demands.

At every turn, from initial rollout, to the ability to add new users easily with the appropriate permissions, and integration with the market’s top productivity tools, Bluescape prioritizes security.

Multi-Level Data Security

Bluescape utilizes separate datastores within AWS infrastructure for content, management, and meta-data, which is encrypted-at-rest by default. This is the only place where your data is stored.

Secure Key Management

Certificate and instance keys are both stored and managed in a secure vault, while encryption keys are managed using FIPS 140-2 validated hardware security modules using AWS KMS.

User Authentication & Authorization

Bluescape supports secure Single Sign-On through SAML2.0 providers including Okta, Azure AD, PingFederate, and more. Custom permissions and roles are available, along with user-level authorization within a private instance.

Third-Party Security Validation

Our test partners perform full pen testing on a quarterly basis as well as weekly Dynamic Application Security Testing (DAST) to support each and every code release.

ISO 27001 Certification Roadmap

Bluescape is ISO 27001 certified, adhering to the highest information security practices, policies, and standards to ensure our company, customers, and their data remain secure. View certificate here.

Total Visibility

For management and control visibility, you have access to all logs—across all systems and applications—for better problem diagnosis, tracking, aggregation, and log management.

Choose the Hosting and Security Options Right for You

Bluescape-managed SaaS Offering

Includes industry-standard security commensurate with other SaaS platforms. Deploys rapidly without investing in hardware or maintenance.

Implementation

Bluescape-managed, multi-tenant

Updates

Automatic

Release Policy

Managed, immediate

Scalability

Elastic

Additional Fees

None

Setup Fee

None

Customer-managed Keys

No

Enhanced Access Control

No

Time-to-Production

Immediate

Hosting Provider

AWS

Bluescape-managed Private Instance

Provides security isolation for those who require an increased security posture, including user authorization and authentication, ISO 27001 compliance, and 256-bit AES data encryption (in-transit and at-rest).

Implementation

Bluescape-managed, single tenant

Updates

Automatic

Release Policy

Managed, immediate

Scalability

Elastic

Additional Fees

Infrastructure, hosting, operational support

Setup Fee

None

Consumer-managed Keys

Available

Enhanced-Access Control

Yes

Time-to-Production

Immediate

Hosting Provider

AWS

Customer-managed Private Instance

Offers complete control over Bluescape implementation, hosted on your own cloud environment. Best for those whose SaaS platform requires multiple customers, owners, and admins.

Implementation

Customer-managed

Updates

Bluescape provided, installed and implemented by customer

Release Policy

Customer-determined

Scalability

Customer-determined

Additional Fees

Operational support, training

Setup Fee

Yes

Customer-managed Keys

Implicit

Enhanced Access Control

Yes

Time-to-Production

2 months managed transition

Hosting Provider

AWS

Work smart. Work safe. Work in Bluescape.