Policies and Logging. The Braze Services are operated in accordance with the following procedures to enhance security: ● Dashboard User passwords are never transmitted or stored in clear text ● Braze uses industry-standard methods to determine password validity ● API key information for third-party services provided by the customer are encrypted for storage ● Braze keeps audit logs for all access to production servers ● Server access is controlled via public key access, instead of passwords, and only permitted while on VPN that requires multi-factor authentication ● Logs are stored in a secure centralized host to prevent tampering ● Braze application and ssh audit logs are stored for one year ● Passwords are not logged under any circumstances ● Access to Braze mail and document services is only allowed on approved mobile devices that have automated security policies enforced, such as encryption, autolock and passwords ● All access to customer dashboard accounts by Braze Employees must be done through an internal service that is accessible via a 3-factor VPN only ● As part of Braze’s Employee Information Security Policy, employees may not store any Customer Data on removable media
Appears in 5 contracts
Samples: Data Processing Addendum, Data Processing Addendum, Data Processing Addendum
Policies and Logging. The Braze Services are operated in accordance with the following procedures to enhance security: ● Dashboard User passwords are never transmitted or stored in clear text ● Braze uses industry-standard methods to determine password validity ● API key information for third-party services provided by the customer are encrypted for storage ● Braze keeps audit logs for all access to production servers ● Server access is controlled via public key access, instead of passwords, and only permitted while on VPN that requires multi-factor authentication ● Logs are stored in a secure centralized host to prevent tampering ● Braze application and ssh audit logs are stored for one year ● Passwords are not logged under any circumstances ● Access to Braze mail and document services is only allowed on approved mobile devices that have automated security policies enforced, such as encryption, autolock and passwords ● All access to customer dashboard accounts by Braze Employees must be done through an internal service that is accessible via a 3-factor VPN only ● As part of BrazeXxxxx’s Employee Information Security Policy, employees may not store any Customer Data on removable media
Appears in 4 contracts
Samples: Data Processing Addendum, Data Processing Addendum, Data Processing Addendum
Policies and Logging. The Braze Services are operated in accordance with the following procedures to enhance security: ● Dashboard User passwords are never transmitted or stored in clear text ● Braze uses industry-standard methods to determine password validity ● API key information for third-party services provided by the customer are encrypted for storage ● Braze keeps audit logs for all access to production servers ● Server access is controlled via public key access, instead of passwords, and only permitted while on VPN that requires multi-factor authentication ● Logs are stored in a secure centralized host to prevent tampering ● Braze application and ssh audit logs are stored for one year ● Passwords are not logged under any circumstances ● Access to Braze mail and document services is only allowed on approved mobile devices that have automated security policies enforced, such as encryption, autolock and passwords ● All access to customer dashboard accounts by Braze Employees must be done through an internal service that is accessible via a 3-factor VPN only ● As part of BrazeXxxxx’s Employee Information Security Policy, employees may not store any Customer Data on removable media
Appears in 1 contract
Samples: Data Processing Addendum
Policies and Logging. The Braze Services are operated in accordance with the following procedures to enhance security: ● Dashboard User passwords are never transmitted or stored in clear text ● Braze uses industry-standard methods to determine password validity ● API key information for third-party services provided by the customer are encrypted for storage ● Braze keeps audit logs for all access to production servers ● Server access is controlled via public key access, instead of passwords, and only permitted while on VPN that requires multi-factor authentication ● Logs are stored in a secure centralized host to prevent tampering ● Braze application and ssh audit logs are stored for one year ● Passwords are not logged under any circumstances ● Access to Braze mail and document services is only allowed on approved mobile devices that have automated security policies enforced, such as encryption, autolock and passwords ● All access to customer dashboard accounts by Braze Employees must be done through an internal service that is accessible via a 3-factor VPN only ● As part of Braze’s Employee Information Security Policy, employees may not store any Customer Data on removable media
Appears in 1 contract
Samples: Data Processing Addendum