Trust
At Benchling, trust is part of our DNA. Maintaining the highest levels of security, data privacy, and compliance is essential to our commitment to customers.
SOC 2 Type 2
Benchling underscores its commitment to Security with its achievement of SOC 2 Type 2. This affirms Benchling's focus on offering best-in-class security and information privacy to protect its global biotech customer base.
Security
We employ a security-by-design approach to protecting your data that applies to every aspect of how we develop and maintain our products.
Product
Benchling embeds security in the Software Development Life Cycle and provides robust admin controls to give you greater visibility and control over your data with features like SSO and IP range restrictions.Operation
Benchling’s security team continuously implements new controls and maintains an active posture in regard to threat detection, disaster recovery, and business continuity plans.Organization
Benchling maintains an ISO 27001 certification, a SOC 2 Type 2 attestation, and is audited annually by independent third-party experts to confirm adherence to high industry standards.
Security documentation
Security white paper
Benchling considers its commitment to protecting customer data as central to its mission and it employs the most advanced security and privacy measures for data protection.Information security policy
Benchling's information security policy is designed to ensure the confidentiality, integrity, and availability of customer data.
Compliance
We certify our products against the strictest industry standards and help you meet compliance requirements through our solutions.
Certifications
Benchling’s security and privacy programs are certified under ISO/IEC 27001:2013 and EU-US Data Privacy Framework (DPF) Program. Benchling also maintains a SOC 2 Type 2 attestation.Regulations
Benchling has been built for compliance with FDA 21 CFR Part 11, Annex 11 and EPA regulations for operating in a regulated (GxP) environment.Regional Standards
Benchling aligns to crucial regional cybersecurity and privacy standards such as NIST, C5, GDPR, NCSC and CCPA.
Privacy
We have aligned our practices with the EU-US Data Privacy Framework (DPF) Program, GDPR, and CCPA regulations.
Data protection
Benchling protects your data at rest and in transit using AES 256-bit encryption and TLS encryption 1.2 or higher, respectively.Data governance
Benchling offers complete ownership and control over your data export, edit, retention, and storage.Transparency
Benchling practices a Zero Trust policy. Access to systems is restricted requiring multiple security attributes assigned to each user and multi-factor authentication is required in order to access any of the company’s IT services.