Security & Trust

Brim’s platform is built from the ground up with security as a core principle. We work with regulated institutions across Canada and the U.S., which means our systems are designed to withstand scrutiny — from internal risk teams to external regulators.

Spend stimulation campaigns
Comprehensive verification across all systems, users, and services with no implicit trust assumptions.
Real-time monitoring and automated alerting
Geographically redundant hosting
Multiple data centers across regions ensure high availability and disaster resilience.
End-to-end encryption and tokenized data flows throughout the ecosystem
Granular role-based access controls across all platform portals and workflows

Brim is SOC 2 Type 2 certified, with audits conducted by Coalfire — a leading cybersecurity firm trusted by Fortune 500 companies and major financial institutions including Capital One, Wells Fargo, and Bank of America.

SOC 2 Type 2 evaluates the effectiveness of our internal controls over an extended period, based on the following Trust Services Criteria:

  • Security - Protection from unauthorized access
  • Availability - System uptime and operational reliability
  • Confidentiality - Safeguarding sensitive business data
Brim is compliant with the Payment Card Industry Data Security Standard (PCI DSS) 4.0. Our PCI DSS controls include:
  • Full encryption of card data in transit and at rest
  • Tokenization of sensitive payment information
  • Network segmentation and 24/7 monitoring
  • Logged and role-based access with full audit trails
Clients do not need to maintain their own PCI compliance — Brim covers this end-to-end, with complete transparency and auditability through our enterprise workflow platform.

Brim’s Information Security Management System (ISMS) is certified under ISO/IEC 27001, the global benchmark for managing information security risk.

Our ISMS includes:

  • Structured risk assessment and mitigation processes
  • Documented policies for access control, vendor management, and business continuity
  • Internal and external audits
  • Executive oversight and governance of security frameworks
Brim is a registered Payment Service Provider (PSP) under the Retail Payment Activities Act (RPAA):
  • Brim adheres to high standards for risk management and operational resilience within a central bank’s payments oversight framework
  • Operates within a payments oversight framework, with defined governance and accountability
  • Maintains a formal risk management framework and controls designed to support safe, reliable payment services
  • Supports operational resilience and the protection of users through incident readiness and appropriate safeguarding measures

Disaster Recovery & Redundancy

Brim has a fully operational Disaster Recovery and Business Continuity Plan, tested regularly and reviewed as part of both internal audits and client due diligence.

Our ISMS includes:

  • Automated failover and replication to ensure data integrity and minimize service disruption
  • Clearly defined RTO (Recovery Time Objective) and RPO (Recovery Point Objective) benchmarks aligned with enterprise expectations
  • Periodic tabletop exercises and live simulations to validate recovery readiness
  • Tiered escalation procedures covering system-level events, infrastructure failures, and regional disruptions

Connect With Us!

We're available to answer your questions, provide support, and discuss how our platform can meet your business needs.