BL.INK Security Preparedness 101

At BL.INK, we uphold a stringent policy that safeguards the privacy and security of our short links and QR codes.

We do not grant permission for any search engine to index our short links. This intentional measure ensures that the content and destinations associated with our short links remain within the scope of intended audiences, providing an extra layer of control and confidentiality for both our users and their shared resources.

In addition to this commitment, we have summarized the most common questions for those organizations that put security and compliance at the forefront like we do.

Overall Security Posture

Legal Name: Blink Global LLC, A Deleware Corporation.

Transparency: BL.INK publishes documentation of our compliance against global standards including certifications, policies attestations, audit reports and real-time evidence monitoring at https://bl.ink/trust.

Certifications: BL.INK is SOC 2 Type 2, accredited by MJD Advisors, August 2023.

GDPR: This page lists our ongoing efforts to maintain compliance with the EU’s General Data Protection Regulation (GDPR). Please visit: https://bl.ink/gdpr

Penetration Testing: BL.INK performs two penetration tests per year.

Request a Signed Data Processing Agreement (DPA): You can request an official copy here.

Product Security

Uptime: BL.INK boasts an uptime rate of 99.9% or higher, ensuring continuous service availability, please visit http://status.bl.ink to monitor the status of our systems and see our historic availability.

Permissions: BL.INK offers role-based access control for user seats within the application. Permission levels encompass control over app settings and billing, account configurations such as domains and link parameters, and visibility and control over links and data.

Single Sign-On (SSO): BL.INK enforces SSO to authenticate users within their own systems, eliminating the need for additional login credentials. SSO can be offered within an Enterprise account upon request, and may be factored in to the subscription cost.

Password and Credential Storage: Alongside SSO, BL.INK maintains a robust password complexity standard using a minimum of 16 characters and secures credentials using advanced hash algorithms.

Network and Application Security

Data Hosting and Storage: BL.INK utilizes Amazon Web Services (AWS) facilities in the USA East 1, East 2 and West 2 region to host its services and data. Data is able to be hosted in other geographies upon request within an Enterprise account, at an additional cost.

Virtual Private Cloud (VPC): All BL.INK servers reside within a private virtual cloud equipped with network access control lists to prevent unauthorized requests.

SSL Encryption: All data transmitted to and from BL.INK is encrypted using 256-bit encryption. The API and application endpoints score an "A+" rating on Qualys SSL Labs' tests.

TLS Encryption: All Communications use Transport Layer Security (TLS) Version 1.2 and higher.

Failover and Disaster Recovery (DR): BL.INK's infrastructure and data are distributed across two AWS availability zones, designed with disaster recovery capabilities. Recovery Point Objective of 12:00 am central time and Recovery Time Objective (RTO) of 4 hours.

Backups and Monitoring: BL.INK employs Amazon RDS's daily backup solution for databases containing customer data.

Permissions and Authentication: BL.INK operates entirely over HTTPS. Customer data access is limited to authorized personnel. A zero-trust network model is maintained, supplemented by SSO, 2-factor authentication (2FA), and strong password policies.

Incident Response

BL.INK follows a structured protocol for handling security events, involving escalation procedures, swift mitigation, and post-incident analysis. All employees and contractors are well-informed about these policies.

Request the removal of personally identifiable information and/or account data by emailing privacy@bl.ink and we will respond within 72 hours.

Additional Security Measures

Confidentiality: Confidentiality agreements are integral to all BL.INK employment contracts, emphasize the protection of sensitive information.

Background Checks: Background verification checks for all candidates, employees and contractors are carried out in accordance with relevant laws, regulations, and ethics, and proportional to the business requirements.

Privacy: BL.INK regularly updates our privacy policy and monitors changing standards. Please visit: https://www.bl.ink/privacy-policy.

Terms of Service: Please visit https://www.bl.ink/terms-of-service.

Training: Every BL.INK employee and contractor undergoes annual Security and Awareness training to foster a security-conscious software and operational culture. Regular monthly training is also conducted and audited by our Vice President of Operations.

Policies: BL.INK maintains an evolving set of comprehensive security policies, encompassing various topics and shared across the organization. You may review current policies at http://bl.ink/trust.

PCI Obligations: Credit card payments for BL.INK subscriptions are managed through Chargebee, a partner with strong security measures and PCI compliance. BL.INK itself is also PCI Compliant, via self-attestation.