The user is informed about security practices


Service: Bitwarden
Status: approved
Changes: 4
Source: link
Author: (deactivated)


Bitwarden enforces a written security information program. Our program:</p> <ul> <li>aligns with industry recognized frameworks;</li> <li>includes security safeguards reasonably designed to protect the confidentiality, integrity, availability, and resilience of our users' data;</li> <li>is appropriate to the nature, size, and complexity of Bitwarden's business operations;</li> <li>includes incident response and data breach notification processes. and</li> <li>complies with applicable information security related laws and regulations in the geographic regions where Bitwarden does business.</li>
In the Privacy Policy, it states that "Bitwarden enforces a written security information program. Our program: aligns with industry recognized frameworks; includes security safeguards reasonably designed to protect the confidentiality, integrity, availability, and resilience of our users' data; is appropriate to the nature, size, and complexity of Bitwarden's business operations; includes incident response and data breach notification processes; and complies with applicable information security related laws and regulations in the geographic regions where Bitwarden does business." They also state that, "Transmission of data on Bitwarden is encrypted using SSH, HTTPS, and SSL/TLS. By design, your vault information is encrypted prior to being transmitted to our servers and is therefore encrypted at rest." Bitwarden is also open source.


Comments:
On 2019-09-25 04:56:37 UTC, omhqit wrote:

declined: This is a lot of text that gives zero specifics about what industry standards they follow or what practices they use.

On 2019-09-25 04:57:14 UTC, omhqit wrote:

approved: My mistake, the source text actually does talk about specific. Change to approved.



We track editorial changes to analyses and updates to a point's status and display the previous versions here as part of an effort to promote transparency regarding our curation process.

Version 1: 2019-09-25 04:57:14 UTC by omhqit

Previous Title: No changes recorded

Updated Title: No changes recorded

Previous Analysis: No changes recorded

Updated Analysis: No changes recorded

Previous Status: declined

Updated Status: approved

Version 2: 2019-09-25 04:56:37 UTC by omhqit

Previous Title: No changes recorded

Updated Title: No changes recorded

Previous Analysis: No changes recorded

Updated Analysis: No changes recorded

Previous Status: pending

Updated Status: declined

Version 3: 2019-05-18 19:40:32 UTC by

Previous Title: No changes recorded

Updated Title: No changes recorded

Previous Analysis: Generated through the annotate view

Updated Analysis: In the Privacy Policy, it states that "Bitwarden enforces a written security information program. Our program: aligns with industry recognized frameworks; includes security safeguards reasonably designed to protect the confidentiality, integrity, availability, and resilience of our users' data; is appropriate to the nature, size, and complexity of Bitwarden's business operations; includes incident response and data breach notification processes; and complies with applicable information security related laws and regulations in the geographic regions where Bitwarden does business." They also state that, "Transmission of data on Bitwarden is encrypted using SSH, HTTPS, and SSL/TLS. By design, your vault information is encrypted prior to being transmitted to our servers and is therefore encrypted at rest." Bitwarden is also open source.

Previous Status: No changes recorded

Updated Status: No changes recorded

Version 4: 2019-05-18 19:39:03 UTC by

Previous Title:

Updated Title: The user is informed about security practices

Previous Analysis:

Updated Analysis: Generated through the annotate view

Previous Status:

Updated Status: pending