
Bead AI Trust Center

Bead AI is in compliance with security best practices, has implemented and is monitoring comprehensive controls, and maintains policies to outline its security procedures.

Compliance

Resources

SOC 2 Type II Report
Board of Directors Charter
Personnel Security Policy
Company Handbook
Risk and Governance Executive Committee Charter

Controls

Access control procedures
VPN access
Multifactor authentication
Access review of infrastructure
User list with assigned roles and privileges
Encryption of data
Backup and recovery policy
Source code tool
Outsourced Development Management
Sample code changes
Web application firewall
Vulnerability scanning
Intrusion detection tool
Infrastructure firewall
Infrastructure baseline hardening policy
Monitoring tool
Network diagram
Alerts and remediation
Security incident list
Breach notification communication
Whistleblower policy
Log management tool
Vendor management program
Vendor list
Vendor termination
Vendor onboarding
New employee and contractor agreements
Employee handbook
List of active employees & contractors as on date
List of newly hired employees & contractors
Customer onboarding
Multi-availability zones
Asset register maintaining
Risk and Governance Executive Committee meeting minutes
Risk management program
Information security policies and procedures
Asset register list
Patch management
Antivirus and malware configurations
Customer support issues resolved

FAQs

We perform reviews of SOC 2 reports from service providers at onboarding and annually to assess the appropriateness of scope and impact of identified exceptions. For critical vendors without SOC 2 reports but with access to company data, regularly scheduled risk assessments are performed to evaluate performance and compliance with security commitments.

We carry out background and/or reference checks on all new employees and contractors prior to joining in accordance with relevant laws, regulations and ethics. We utilize a pre-hire checklist to ensure the hiring manager has assessed the qualification of candidates to confirm they can perform the necessary job requirements.

Periodic tests are performed by authorized personnel that could include tabletop sessions, disaster simulations, or other realistic scenarios. Following each test, an assessment report is created indicating the success of the exercise and required corrective actions.