Security Is Step Zero

All of our vendors have passed stringent tests for reliability, durability and up time. We use the latest in cloud technology to ensure all data is kept in a secure and reliable fashion. The BLAZE team works hard to keep data safe and the system as protected as possible. If your team would like to discuss in more detail, please reach out to support@blaze.me to set up a meeting with our security experts.

SOC 1 Type II Certified

BLAZE® has been awarded the AICPA SOC 1 Type II certification and is one of the few retail cannabis software company to complete this intensive auditing process. SOC 1 certification evaluates the actual BLAZE application and how data is entered, stored, transformed, and reported. Type II covers a greater span of time and consists of a more thorough investigation of a system’s design and processes. It also evaluates the fidelity of the compliance integrations such as Metrc and BioTrack traceability.

SOC 2 Type II Certified

BLAZE® has been awarded the AICPA SOC 2 Type II certification and is one of the few cannabis tech companies to undergo this intensive auditing process. SOC 2 certification affirms and validates our processes in critical areas such as security, data storage, system access, disaster recovery, and vendor management. The Type II moniker denotes a more meticulous audit that evaluates how effective controls and procedures are by observing operations over an extended period of time.

HIPAA Compliance

BLAZE® has deployed and implemented applicable security policies and procedures to ensure BLAZE® is compliant with all applicable rules and regulations of the Health Insurance Portability and Accountability Act (HIPAA) of 1996. For HIPAA compliance purposes, BLAZE® is considered a Business Associate. BLAZE® will enter into Business Associate Agreements (BAA’s) with its customers that wish to utilize BLAZE® to access, process, transfer and/or store its Protected Health Information (PHI) that is produced, saved, transferred, or received in electronic form.

Please contact compliance@blaze.me if you desire a BAA with BLAZE®.

Ultra-secure web encryption: 256-bit SSL

Your transmitted data is kept safe using the highest encryption standard available: 256-bit SSL. This is the same technology that banks use to keep your account information safe. All account information you provide, including passwords and personal details, is protected using this technology.

State-of-the-art backups: Always backed up

We use state-of-the-art data storage and firewall technologies to ensure that your information is always backed up, no matter what happens.

Multiple secure locations

Our system stores backups in multiple secure locations that are updated throughout the day, every day.

Excellent Security in the Cloud with AWS

Our system runs completely on the leading cloud provider, Amazon Web Services (AWS). AWS provides the best of the best when it comes to infrastructure security. Our team is following best practices and leverages HIPAA guidelines to ensure safety and durability of client data.

Web Application Firewall (WAF)

We leverage the latest in WAF technologies to ensure bad actors do not take down the system via denial of service (DDOS) attacks. BLAZE monitors all calls to the platform and can detect patterns before they become a problem.

Key rotation done right

Encryption is only if the encryption key is private and secret. Our system leverages key rotation as a means to ensure all data is locked down with a key that changes often. In addition, we use a secure location to store and use encryption keys, using FIPS 140-2 validated hardware security modules where unencrypted keys are only used in memory. This is like hiding your key in the federal reserve.