Introduction
At Breww we take the security of your data very seriously. We realise the importance of the data that you entrust us with, both with regards to ensuring it is always available to you so you can run your business, and also that it is kept private to you and your team only. All your data is handled in accordance with our privacy policy.
Protecting your data
We're committed to the security of our customers' data and provide multiple layers of protection for the personal, financial and "trade-secret" information that you entrust to Breww.
You control access
As a Breww customer you have the flexibility to invite unlimited users into your account to collaborate on your brewery and its data, and only "brewery admins" can control the different permissions/access allowed to other users. When you first set up your brewery in Breww and create a subscription, that user is the only "brewery admin". This user can invite and manage other users and even grant them "brewery admin" rights if required, however fine-grain access control is also possible (for example, to only allow a delivery driver access to the deliveries section of Breww). The Breww team cannot access your information unless you invite them to help and grant them access via a "support ticket".
User authentication
We provide standard access to the Breww software through a login and password. In addition we offer the option of using two-factor authentication (2FA). This provides a second level of security for your Breww account. It means you're also asked to enter a unique code (that's only valid for 30 seconds) generated by a separate authenticator app on your phone when logging in. We recommend you use 2FA as it reduces the risk of your Breww account being accessed if your password is compromised. In addition, brewery admins can enforce that all users of their brewery have 2FA set up to help implement account-wide security.
Data encryption
We encrypt all data that goes between you and Breww using industry-standard TLS (Transport Layer Security), protecting your personal and financial data.
TLS is the modern (more secure) alternative to SSL and is the reason you see a padlock icon and https://
(note the s
) on all Breww pages.
Some particularly sensitive data (such as security tokens) is also encrypted at rest, and all data is encrypted when we transfer it between data centres for backups.
Network protection
We have multiple layers of security controls in place to protect access to and within our infrastructure, including firewalls, intrusion protection systems and network segregation. Breww's security services are configured, monitored and maintained according to industry best practice.
Secure data centres
Breww's servers are located within enterprise-grade hosting facilities that employ robust physical security controls to prevent physical access to the servers they house. We use one of the world's leading "cloud" providers so can piggy-back on their extensive security processes and protocols. These controls include 24/7/365 monitoring and video surveillance, on-site security staff, access lists, exit procedures and regular ongoing security audits. Breww maintains multiple geographically separated data backups to minimise the risk of data loss or outages.
Security monitoring
Breww's security team continuously monitors security systems, event logs, notifications and alerts from all systems to identify and manage threats.
Always online for you
Best in class availability
We use multiple redundancy technologies for our hardware, networks, data centres and infrastructure. These ensure that if any component fails, Breww will keep on running – with little or no disruption to your service.
Built to perform at scale
Breww has been designed to grow with your business. Our high performance servers, networks and infrastructure ensure we can deliver a quality service to you and our other customers. We use Kubernetes (a tool built by Google & used by many well known brands) to ensure that we can easily scale our systems to match demand and quickly recover the entire system to a backup data centre in case of a serious outage at our primary data centre.
Disaster recovery and backups
Breww performs real-time data replication between our multiple storage servers & database servers to ensure your data is always available and stored safely. We also take point-in-time backups every 60 minutes which are synced to 2 other geographically-diverse data centres so even if some important data were to be deleted erroneously from our primary data store, and then this deletion replicated to our other production replicas, we'd still be able to get back to how the data was a maximum of 60 minutes prior. This means that even if there was an entire hosting facility failure (which is extremely unlikely), we can switch over quickly to a backup site to keep Breww and your business running. We transmit data securely and always encrypt all data in transit. We perform regular disaster recovery tests to ensure our procedures work and continue to do so.
Constant updates and innovation
We're constantly working on and improving Breww, delivering new features and performance improvements. Updates are delivered every week, with the majority of them being delivered without interrupting our service and disrupting users. Keep an eye on our release notes to see how often Breww is updated and what's new.