Trust
At Benchling, trust is part of our DNA. Maintaining the highest levels of security, data privacy, and compliance is essential to our commitment to customers.
Security
We employ a security-by-design approach to protecting your data that applies to every aspect of how we develop and maintain our products.
Product
Benchling embeds security in the Software Development Life Cycle and provides robust admin controls to give you greater visibility and control over your data with features like SSO and IP range restrictions.Operation
Benchling’s security team continuously implements new controls and maintains an active posture in regard to threat detection, disaster recovery, and business continuity plans.Organization
Benchling maintains ISO/IEC 27001:2022 certification aligned to the additional controls and implementation guidance of ISO/IEC 27017:2015 and ISO/IEC 27018:2019, in addition to a SOC 2 Type 2 attestation. Benchling is audited annually by independent third-party experts to conform adherence to high industry standards.
Security documentation
Security white paper
Benchling considers its commitment to protecting customer data as central to its mission and it employs the most advanced security and privacy measures for data protection.Information security policy
Benchling's information security policy is designed to ensure the confidentiality, integrity, and availability of customer data.
Compliance
We certify our products against the strictest industry standards and help you meet compliance requirements through our solutions.
Certifications
Benchling’s security and privacy programs are certified under ISO/IEC 27001:2022 aligned to the additional controls and implementation guidance of ISO/IEC 27017:2015 and ISO/IEC 27018:2019 and the EU-US Data Privacy Framework (DPF) Program. Benchling also maintains a SOC 2 Type 2 attestation.Benchling's Quality Management System (QMS) supporting the Validated Cloud Offering is certified under ISO 9001:2015.Regulations
Benchling has been built for compliance with FDA 21 CFR Part 11, Annex 11 and EPA regulations for operating in a regulated (GxP) environment.Regional Standards
Benchling aligns to crucial regional cybersecurity and privacy standards such as NIST, C5, GDPR, NCSC and CCPA.
Privacy
We have aligned our practices with the EU-US Data Privacy Framework (DPF) Program, GDPR, and CCPA regulations.
Data protection
Benchling protects your data at rest and in transit using AES 256-bit encryption and TLS encryption 1.2 or higher, respectively.Data governance
Benchling offers complete ownership and control over your data export, edit, retention, and storage.Transparency
Benchling practices a Zero Trust policy. Access to systems is restricted requiring multiple security attributes assigned to each user and multi-factor authentication is required in order to access any of the company’s IT services.