Shared / read-only access to Brandbooks
The Brandbook.io platform allows users to set an access code so that suppliers such as graphic designers, marketing teams, employees of print shops, etc. can access the brand guidelines and uploaded files without having the ability to modify the Brandbook — e.g. these “read-only” users cannot upload or remove files and cannot make any changes to text.
This read-only mode is limited exclusively to users who have entered the access code that has been set on the Brandbook and subsequently shared with them. Files in a Brandbook are not available to users who do not enter the access code — even if a user shares a link to a file in the Brandbook via email or social media. This means that the content of a Brandbook is explicitly not visible to search engines.
Read-only mode should be considered a form of controlled access rather than private access. It is possible that a user with read-only access can share the Brandbook URL and access code to other people. The Brandbook access code is just like a wifi password: only one access code is set on the Brandbook which means multiple people will have this code and it is not personalized for one specific user.
The access code for read-only access to the Brandbook can be changed at anytime. Changing the access code will immediately invalidate the previous access code.
Application login security
Brandbook.io monitors application logins for brute force attempts to gain access to our platform. Malicious attacks are blacklisted for a specific window of time. This reduces the chances that a bot will be able gain unauthorized access to user accounts and Brandbooks.
Brandbook.io stores only salted and hashed passwords in our database (e.g. no plain text passwords) using the Argon2 password hashing algorithm. This is currently the recommended way to securely store user passwords in a database.
Secure application access: HTTPS / SSL
Brandbook.io is available only over HTTPS and has an A+ rating from Qualys SSL Labs' SSL Report. Brandbook.io is committed to maintaining this A+ rating.
Brandbook.io is hosted on an actively supported base operating system. We monitor the security updates released by the operating system vendor and regularly apply these updates.
Brandbook.io is accessible for server configuration and management only with private key SSH connections — password-only logins are explicitly disabled. SSH access is only granted to a limited number of people who directly work on server configuration and server management. We use only modern and secure SSH public key types: RSA keys >= 4096 bits, ECDSA and Ed25519 keys. DSA and RSA keys < 4096 bits are not used because they are not secure.
Even with SSH password-only logins disabled, we monitor the SSH service for attempts to brute force our servers and proactively ban any malicious attack that is detected.
Brandbook.io is currently hosted in the Netherlands and we are committed to keeping Brandbook.io hosted within the EU. This ensures that the Brandbook.io platform will always be subject to EU data protection laws.
Our current hosting provider is ISO 27001 ISO 9001 PCI-DSS NEN 7510 and ISAE 3402 Type I certified.
Last change: March 20, 2021
Amsterdam, The Netherlands