Security and disaster recovery procedures for Bluebeam Studio.
How Safe Are My Files in Bluebeam Studio?
From time to time, we receive questions from Bluebeam Studio users about the safety of the files they’re uploading to Bluebeam Studio. These concerns usually revolve around the overall level of document and system security, as well as what would happen in the event of an infrastructure failure.
To help clarify these important points, we’ll provide an overview of these areas…
Data and System Security
Regarding the security of your files and the Studio infrastructure, we’ve implemented the following measures:
In addition to the encryption of all SQL server backups and developer hard drives, all documents are automatically encrypted (both in-transit and at rest) when uploaded to a Studio Session or Project using Revu 2015 and above.
We’ve ensured that all server instances perform in the same manner and are subjected to the same network policies and restrictions, by building them based on a validated and tested “template.” Once they’ve been deployed, the following steps and policies are in place in order to provide additional security while maintaining consistency across the infrastructure:
Controlled Administrator Access: Only a select group of people are allowed to have administrative rights within the Bluebeam Studio infrastructure.
Formal Change Control Process: All proposed system changes and enhancements are documented, and must be approved before they can be tested and eventually implemented in the production environment.
Inventory of Authorized Devices: Regular system audits are performed, which ensures that unauthorized devices are never connected to the infrastructure.
Constant Vulnerability Assessment and Remediation: We’ve implemented a comprehensive vulnerability assessment and remediation process to address any security issues that may arise. These measures include antivirus protection, a proactive system patching policy, as well as file integrity monitoring, which detects unauthorized changes to the systems.
Disaster Recovery (DR)
Bluebeam Studio includes proactive infrastructure monitoring, which provides information and alerts on system availability, performance and error conditions. Along with this, the Bluebeam Studio team regularly tests their disaster recovery procedures.
To handle the unfortunate event of an infrastructure failure, we’ve also put the following contingencies in place:
Full backups of the SQL Databases are performed on a daily basis, with hourly incremental backups in between. These backup files are stored away from production servers, and their integrity is checked periodically.
If the primary server fails, all traffic will automatically be switched to a secondary server.
For more in-depth information, please refer to the Bluebeam Studio Security & Disaster Recovery Guide which can be found on our Manuals & Help page.