We use cookies to provide you with the best possible user experience. If you continue to use the site without changing your cookie settings, we assume you are fine with our cookies and the way we use them. The cookies store information about how you use our website, and help you use some of the functions on the site. Our cookies do not store any sensitive information, and we never use your cookies for targeted advertising. If you want, you can change your computer’s settings so that it does not accept cookies. We have information here on how you can do that.

Kontynuuj
  • loading..
  • loading..
  • loading..

Bentley Trust Center: Compliance

Bentley’s cloud offerings are designed with operational best practices and robust controls to deliver compliance that you can rely on. Bentley partners with leading cloud service providers so that you can benefit from data centers and network architecture built to satisfy the most stringent industry standards and country-specific requirements. The following compliance standards and information attests to the security and dependability of Bentley’s named cloud services offerings.



Bentley Managed Services
ProjectWise 
ConstructSim Work Package Server
AssetWise (eB Insight V8i)

The systems and processes that support Bentley Managed Services are ISO/IEC 27001:2013 certified. ISO/IEC 27001:2013 is one of the most widely recognized information security standards. Compliance with ISO/IEC 27001:2013 is certified by A-LIGN, an ANAB accredited ISO 27001 certification body. View the Bentley Managed Services ISO/IEC 27001:2013 certificate and the current ISO/IEC 27001:2013 Statement of Applicability

ISO 27001:2013 surveillance audit completed: October 26, 2016. A-LIGN conducted the surveillance audit from the company’s corporate facility in Exton, Pennsylvania. A-LIGN conducted on-site audit procedures including interviews of key personnel, observation of processes and controls, review of documentation, and analysis of documentation of audit findings during the site visits.

Bentley Managed Services
Bentley CONNECT Cloud Services
Bentley SUPERLOAD

Bentley Managed Services is a Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR) registrant. Bentley has completed the Consensus Assessments Initiative Questionnaire (CAIQ) providing answers to nearly 300 questions a cloud user or a cloud security auditor may wish to ask of a cloud provider. The CSA STAR is a publicly accessible registry that documents the security controls provided by various cloud computing offerings. The registry helps users assess the security of the cloud providers they currently use or are considering contracting with. View the CAIQ's for Bentley Systems.

Bentley Managed Services
AssetWise CONNECT Edition
Bentley Connected Data Environment (CDE)
BIM Strategic Consulting
ComplyPro
ProjectWise CONNECT Edition

Government Cloud (G-Cloud) is a UK government initiative to promote government-wide adoption of cloud computing. The G-Cloud framework is an agreement between the government and suppliers who provide cloud-based services. The Crown Commercial Service (an agency that works to improve commercial and procurement activity by the government) awarded Bentley Systems International Limited G-Cloud 9 status for the following cloud software offerings and associated Implementation and Success Plan services: Bentley Connected Data Environment (CDE), AssetWise CONNECT Edition, ProjectWise CONNECT Edition, and ComplyPro.

Bentley CONNECT Cloud Services

Bentley CONNECT Cloud Services are designed to keep user data secure with enterprise grade security, which is demonstrated with the granting of a SOC2 Type I and a Type II report by a certified AICPA auditing body. Bentley CONNECT Cloud Services are audited annually against the SOC reporting framework by qualified independent computer-security auditors. The scope of audit for Bentley CONNECT Cloud Services covers controls applicable to in-scope trust principles for each service. In general, the availability of these reports is restricted to customers who have signed non-disclosure agreements with Bentley.

EU-U.S. Privacy Shield Framework

Privacy Shield
Bentley complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the transfer and use of personal information from the European Union to the United States. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov.


EU General Data Protection Regulation

EU GDPR
On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) went into effect.  The GDPR imposes new obligations that will impact companies and other organizations around the world that offer goods and services to European Union residents or that collect and process data tied to EU residents.

Bentley believes that the GDPR is an important step to strengthen and harmonize data protection of EU residents’ personal data. Learn more about Bentley’s Compliance with the GDPR here.  Bentley’s list of subprocessors are available here.

Report a security concern

Bentley’s security team investigates all reports of security vulnerabilities affecting Bentley products and services. If you have a security concern or are a security researcher and believe you have found a security vulnerability involving Bentley products and services, please contact us so that we can protect the integrity of our products and services.