Bentley Trust Center

Bentley is committed to keeping our users’ data safe and secure, and being transparent about the way we do it. Our robust privacy and data protection, security, and compliance standards and certifications attest to that.

Privacy

As a global software company, estamos comprometidos con la protección de los datos personales de nuestros usuarios.

 

PROTECTING YOUR DATA

Privacy is built into our products and services as well as our culture, lo que nos permite ser ágiles a la hora de ajustarnos a la evolución de las leyes y reglamentos. Nuestros acuerdos, policies, and statements explain how we employ privacy measures in our products and services.

Security

Our security and privacy controls are regularly scrutinized by independent auditors, obtain certifications, attestations, and reports that affirm our commitment to our users.

COMMON VULNERABILITY EXPOSURE (CVE) PROGRAM

Bentley strives to publish important security advisories that help our users mitigate risks for a subset of our desktop products. These advisory pages are Bentley’s source of information to our user community for potential risks in our products. Although we generally recommend updating to the latest product versions, algunos consejos incluyen información más detallada sobre mitigación de riesgo y detalles de versiones afectadas. Nuestros consejos están a menudo vinculados a entradas de CVE. Este proceso, the information in the advisories, and the website are all subject to change.

REPORT A SECURITY CONCERN

Bentley’s security team investigates all reports of security vulnerabilities affecting Bentley products and services. If you have a security concern or are a security researcher and believe you have found a security vulnerability involving Bentley products and services, lea nuestro programa de divulgación responsable y envíenos un informe.

Send Security Report

 

Compliance

The following compliance section describes our current certifications, testimonios e informes. Esta información se facilita como una ventaja a nuestros usuarios para demostrar nuestro compromiso con la seguridad y las buenas prácticas del sector. Como se requiera por estándares específicos, these Control Programs undergo regular independent external audits.

ISO 27001 CertificationISO 27001 Certification

ISO 27001


The systems and processes that support Bentley Managed Services are ISO/IEC 27001:2013 certified. ISO/IEC 27001:2013 is one of the most widely recognized information security standards. Compliance with ISO/IEC 27001:2013 is certified by A-LIGN an ANAB accredited ISO 27001 certification body. View the Bentley Managed Services ISO/IEC 27001:2013 certificate and the current ISO/IEC 27001:2013 Statement of Applicability.

Products in scope of Bentley’s ISO 27001 certification for Managed Services include AssetWise (eB Insight V8i), Servidores de paquetes de trabajo de ConstructSim, and ProjectWise.

ISO 27001:2013 recertification audit completed: September 17, 2021. A-LIGN realizó una auditoría completa virtualmente. La auditoría incluyó procedimientos de, interviews of personnel, controls, revisión de documentación y análisis de documentación de las conclusiones de la auditoría.

AICPA SOC Report frameworkAICPA SOC Report framework

Informes de control interno (SOC)


Los sistemas de información de Bentley como servicio están diseñados para mantener los datos de usuario seguros, con seguridad de nivel empresarial, y se auditan anualmente conforme al marco de información SOC por auditores de seguridad informática independientes y cualificados. El ámbito de la auditoría comprende los controles aplicables a los principios de confianza para cada servicio. Generalmente, la disponibilidad de estos informes está restringida a los clientes que hayan firmado acuerdos de confidencialidad con Bentley.

 

Bentley Cloud Services

  • To request the SOC 2 Type 2 report, póngase en contacto con su gestor de cuenta. Si usted no tiene actualmente una cuenta de Bentley y le gustaría solicitar un informe SOC 2, contact us.
  • The SOC 3 report is designed to be a public document containing a high-level summary without the confidentiality and NDA requirements of the SOC 2 report. Contact us to request SOC 3 report.

 

Bentley Managed Application Platform (B-MAP)

  • To request the SOC 2 Type 1 report, póngase en contacto con su gestor de cuenta. Si usted no tiene actualmente una cuenta de Bentley y le gustaría solicitar un informe SOC 2 Tipo 1, contact us.
  • NOTE: Bentley is engaged with its independent external auditing firm and anticipates having the SOC2 Type 2 and SOC3 Reports available in late 3Q2023.
ISO 9001:2015ISO 9001:2015

ISO 9001:2015


Bentley Systems (UK) Ltd has an ISO 9001 certification for part of the UK business activities of Cohesive, una unidad de negocio de Bentley Systems Inc. Cohesive presta servicios durante el ciclo de vida completo del activo incluyendo Entrega - Funcionamiento y Optimización.

The scope of the ISO 9001 relates to the ‘Deliver’ and ‘Operate’ Service activities in the UK. View the Bentley Systems (UK) Ltd. ISO 9001:2015 certificate for the Deliver activities, y las Actividades de funcionamiento.

ISO 14001:2015ISO 14001:2015

ISO 14001:2015


Bentley Systems (UK) Ltd. tiene la certificación ISO 14001 para parte de las actividades comerciales de Cohesive en el Reino Unido, a business unit of Bentley Systems Inc (UK) Limited. Cohesive delivers services across the whole asset lifecycle covering Deliver – Operate and Optimize.

The scope of the ISO14001 relates to the “Deliver” activities Services. View the Bentley Systems (UK) Ltd ISO14001:2015 certificate.

Cyber Essentials PlusCyber Essentials Plus

Cyber Essentials Plus


Bentley Systems (UK) Ltd. has Cyber Essentials Plus accreditation, un marco de respaldo de la ciberseguridad del gobierno del Reino Unido., for the UK business activities of the Cohesive, trading as a business unit of Bentley Systems, Inc. Vea el certificado Cyber Essentials Plus de Bentley Systems (UK) Ltd.

Cloud Security AllianceCloud Security Alliance

Alianza de Seguridad en la Nube


Bentley Systems está adscrita al Registro de Confianza y Garantía de Seguridad (STAR), de la Alianza de Seguridad en la Nube (CSA). Bentley ha completado el Cuestionario de la Iniciativa de Evaluaciones de Consenso (CAIQ) para múltiples productos y servicios con el fin de facilitar respuestas a casi 300 preguntas que un usuario de la nube o un auditor de seguridad de la nube pueda desear preguntar a un proveedor de nube. El STAR de CSA es un registro accesible al público que documenta los controles de seguridad facilitados por varias ofertas de computación en la nube. El registro ayuda a los usuarios a valorar la seguridad de los proveedores de seguridad en la nube que utilizan actualmente o con los que están considerando contratar. Vea los CAIQ para Bentley Systems.

EU General Data Protection RegulationEU General Data Protection Regulation

Reglamento General de Protección de Datos de la UE


El 25 de mayo de 2018 entró en vigor el Reglamento General de Protección de Datos de la Unión Europea (RGPD). El RGPD impone nuevas obligaciones que afectarán a empresas y otras organizaciones en todo el mundo que ofrecen bienes y servicios a residentes de la Unión Europea o que recogen y tratan datos vinculados a residentes en la UE.

Bentley believes that the GDPR is an important step to strengthen and harmonize data protection of EU residents’ personal data. Learn more about Bentley’s Compliance with the GDPR. Review Bentley’s list of subprocessors.

Government Cloud


G-Cloud 13 is an online catalogue where public sector customers can procure cloud-based computing services such as software and cloud support. The Crown Commercial Service (an agency that works to improve commercial and procurement activity by the UK government) has signed a framework agreement with Bentley Systems UK for the following cloud software offerings and associated implementation services: AssetWise ALIM","AssetWise Linear Analytics"," AssetWise Rail Condition Analytics (RCA)"," BCDE Common Data Environment"," ComplyPro, Servicios habilitados de iTwin, OpenCities Planner,"OpenGround"," ProjectWise"," Reality Modeling Cloud Service"," OpenFlows WaterSight"," Orbit 3DM Cloud"," Recurring Advancement Services Program"," SYNCHRO Control"," SYNCHRO Field"," SYNCHRO Perform"," SYNCHRO 4D.

Cyber Defence And Risk (CyDR)


The Cyber Defence and Risk (CyDR) accreditation from the UK Ministry of Defence (MOD) attests to the security of information and communication technology systems. Accreditation confirms that appropriate security measures are implemented for storing and processing MOD information. View Bentley CyDR accreditation certificate for cloud-based ProjectWise. The CyDR team reviews Bentley’s security processes annually.

Copyright © 2013 Magento, Inc. Todos los derechos reservados.