Trust · Security
Built for the operators
your InfoSec team will trust.
Inventory data is operational. It's also sensitive. These are the controls and practices that keep Binlogic safe to run in production.
Controls
Six pillars, applied across the platform.
Encryption in transit & at rest
All traffic to Binlogic is served over TLS 1.2+ with modern cipher suites. Customer content is encrypted at rest using AES-256 on managed cloud storage.
Role-based access control
Every user is assigned a role with the minimum permissions required. Sensitive actions (counts adjustments, settlements, exports) are gated and logged with the actor identity.
Data integrity at point of entry
Inventory is verified against ASNs at receive, with photo documentation and Quality Hold workflows so damaged or mismatched goods never enter general stock.
Audit trail
Every event is logged: receive, putaway, count, pick, pack, ship. Each entry is timestamped and tied to a specific user and device, exportable on request.
Hardened infrastructure
Hosted on tier-one cloud infrastructure with isolated environments, automated backups, and continuous monitoring of platform health.
Identity & SSO
Strong password policies and 2FA by default. SSO via SAML or OIDC available on enterprise plans, with SCIM user provisioning on request.
Operational practice
How we run the platform every day.
- Vulnerability management
- Dependencies and infrastructure are scanned continuously. Critical findings are triaged within one business day; security releases ship outside the standard release cadence when needed.
- Incident response
- We follow a documented incident response process with defined severities, on-call rotation, and customer notification commitments per contract.
- Backups & disaster recovery
- Customer data is backed up on a continuous basis with encrypted offsite copies. Recovery procedures are tested on a regular cadence.
- Sub-processors
- We use a small set of vetted sub-processors for hosting, email, analytics, and support. Each is bound by a written DPA and listed on request.
- Personnel & access
- Employees receive security training on hire and annually thereafter. Production access is limited to a small group, gated by SSO + 2FA, and logged.
- Responsible disclosure
- Found something? Email security@binlogic.com. We commit to acknowledging valid reports within two business days and to working in good faith on a fix.
More documentation