Security and Trust

Security and Trust

Join the remote work revolution.
Remote work is here to stay. Firstbase helps you create better experiences and deliver a higher quality of life for your people.
Join the remote work revolution.
Remote work is here to stay. Firstbase helps you create better experiences and deliver a higher quality of life for your people.
Join the remote work revolution.
Remote work is here to stay. Firstbase helps you create better experiences and deliver a higher quality of life for your people.

At Firstbase, we have a security-first approach. As keepers of our clients' sensitive data, we know your trust is imperative. Our comprehensive approach means you can have peace of mind knowing that your data is safe with Firstbase.

At Firstbase, we have a security-first approach. As keepers of our clients' sensitive data, we know your trust is imperative. Our comprehensive approach means you can have peace of mind knowing that your data is safe with Firstbase.

Firstbase

Security Compliance

Firstbase currently holds an AICPA SOC 2 Type I report. This certification covers a number of security-related control objectives including: Secure Development Management, Change Management, Human Resource Security, Data Management, 3rd Party Risk Management, BCDR Management, Risk Management, Physical Security, and Technology / Security Ops Management.

Security Testing of Controls

Firstbase undergoes regular third-party penetration testing to ensure the integrity of our application. Our dedicated security team also performs ongoing internal security reviews and vulnerability assessments to keep us compliant with the highest security standards.

Platform Security

Firstbase employs robust technical security safeguards to protect data and systems. All data is encrypted in transit using SSL/TLS and at REST using industry-standard AES-256 encryption algorithm. A Web Application Firewall (WAF) is also implemented to further enhance the security by protecting APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources. Access to client data is protected by two-factor authentication and restricted based on roles designed for segregation of duties and need-to-know access control principles.

Security Compliance

Firstbase currently holds an AICPA SOC 2 Type I report. This certification covers a number of security-related control objectives including: Secure Development Management, Change Management, Human Resource Security, Data Management, 3rd Party Risk Management, BCDR Management, Risk Management, Physical Security, and Technology / Security Ops Management.

Security Testing of Controls

Firstbase undergoes regular third-party penetration testing to ensure the integrity of our application. Our dedicated security team also performs ongoing internal security reviews and vulnerability assessments to keep us compliant with the highest security standards.

Platform Security

Firstbase employs robust technical security safeguards to protect data and systems. All data is encrypted in transit using SSL/TLS and at REST using industry-standard AES-256 encryption algorithm. A Web Application Firewall (WAF) is also implemented to further enhance the security by protecting APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources. Access to client data is protected by two-factor authentication and restricted based on roles designed for segregation of duties and need-to-know access control principles.