Software Security Statement

Beamex is committed to securing customer data using trusted industry standards. This Security Statement outlines our security infrastructure and practices to ensure the protection of your data.

At Beamex, security and reliability are top priorities in our solutions. Beamex follows the ISO 27001 Information Security Management standard across all its entities and operations and is on target to achieve certification in Q1 2025.

LOGiCAL platform undergoes continuous security testing by a CREST-certified provider, aiming to maintain an excellent security standard. Any identified risks are promptly addressed according to our quality processes. The latest security testing certificate is available upon request.

Request a copy of the latest security testing certificate

Infrastructure Security​

LOGiCAL services are hosted as PaaS (Platform as a Service) or IaaS (Infrastructure as a Service). With this hosting model, Microsoft Azure ensures that the latest security patches and technologies are applied across our entire infrastructure.

Microsoft Azure Cloud offers strong physical data center security and environmental controls. The infrastructure complies with key industry standards such as ISO 27001, HIPAA, FedRAMP, SOC 1, and SOC 2.

You can find more information from:

https://docs.microsoft.com/en-us/azure/security/fundamentals/infrastructure
https://docs.microsoft.com/en-us/azure/security/fundamentals/physical-security

Data Protection​

We safeguard connections to LOGiCAL websites and services using encrypted protocols, such as TLS 1.2. Data protection involves securing data before transmission, verifying the identities of the communicating parties, and decrypting and verifying data upon receipt. Data stored at rest (database, backups, logs) is secured using Microsoft’s Transparent Data Encryption (TDE).

Data Backup​

LOGiCAL data is securely backed up to ensure data integrity and availability. Beamex follows strict protocols for data backup and recovery to protect against any potential data loss.

Data Isolation​

LOGiCAL uses a multi-tenancy architecture with logical separation, ensuring each customer's data remains isolated and inaccessible to other tenants.

Access Control​

We use Microsoft Managed Identities to eliminate the challenge of managing secrets, credentials, certificates, and keys used to secure communication between services. The necessary passwords for our services are stored using the Azure Key Vault service, designed to protect keys and secrets, in the cloud.

The Beamex Sync Application​

The Beamex Sync application is software installed on your computer to synchronize instruments and results between Beamex calibrators and LOGiCAL. The Beamex Sync application executables are signed to prevent tampering, and the application does not store calibration related data on the computer during or after communication.

Available communication methods between Beamex calibrators and the Sync application are listed in below table

Application Development​

Our development team follows secure coding practices, separating development, QA, and production environments. Code changes undergo peer review, testing, and auditing before deployment to production. The code changes are managed with a version control system.

The development process is continuously validated by internal and external audits.

Beamex Personnel​

Beamex ensures that all staff are informed about its information security policies and require them to acknowledge these policies, alongside signing non-disclosure agreements. Regular privacy and security training sessions, including assessments, are conducted. Beamex employees utilize tools and follow processes that align with industry best practices in security. This approach includes providing access based on the principle of least privilege and only on a need-to-know basis.