This article applies to:
- Bluebeam Cloud
This document provides an overview of technical elements concerning features and information that may be helpful in maintaining your security while using our web and mobile app solution, Bluebeam Cloud.
Access Bluebeam Cloud
With a Bluebeam subscription (Basics, Core, or Complete), users get access to Revu 21 (our subscription-based desktop application), Studio Sessions and Projects, and Bluebeam Cloud web and mobile applications. Access to all these services requires authentication with a username and password associated with a Bluebeam ID (BBID).
To access Bluebeam Cloud:
For more information about compatible operating systems and browsers, click here.
All BBID passwords must be between 8 and 32 characters with at least one uppercase letter, one lowercase letter, one number, and one special character, such as !@#$%^&*. Passwords are hashed prior to storage, using a strong one-way hash algorithm with cryptographic salting to further safeguard passwords in storage.
All Studio server connections are initiated by Revu clients. In Bluebeam Cloud, there are no system requirements for server to client communication. All communication and transmission of files, markups, other rich data, and all authentication is encrypted through HTTPS.
To compare Studio and Bluebeam Cloud for your project management needs, visit this guide.
See below the domains and ports used by Bluebeam Cloud, including Studio services. If you are only accessing a specific geographical environment, you only need to allowlist the domains specific for that environment, along with the required global services.
Bluebeam Email Domains
We use the following domains to communicate with end users for support, licensing, and information related to Bluebeam Cloud. These emails are sent on our behalf by amazonses.com. Allowlisting these domains may be necessary to ensure successful email transmission.
Data + System Security
Bluebeam has a comprehensive Information Security program based on industry-standard security frameworks. For more details about our organization security controls, including vulnerability management, physical and datacenter security, network security, and encryption, please click here.
SOC 2 Compliance
The Bluebeam System and Organization Controls (SOC) Report is an independent third-party examination report that demonstrates how Bluebeam achieves key compliance controls and objectives. Bluebeam undergoes an annual SOC 2 audit performed by an external and independent third-party assessor annually to verify the implementation and effectiveness of our security controls. Our report covers the SOC 2 Trust Services Criteria of Security and Availability.
If you would like to request a copy of the report, please contact your Bluebeam representative for more information. If you do not have a Bluebeam representative, contact us for further assistance.