VueSincNodeStoreShowcase Your Products
UK flag UK
AE flag AE AR flag AR AT flag AT AU flag AU BE flag BE BO flag BO BR flag BR CA flag CA CH flag CH CL flag CL CN flag CN CO flag CO CR flag CR DE flag DE DK flag DK DO flag DO EC flag EC EE flag EE EG flag EG ES flag ES FI flag FI FR flag FR GR flag GR GT flag GT HN flag HN HR flag HR HT flag HT IE flag IE IN flag IN IT flag IT JP flag JP KR flag KR LT flag LT LU flag LU LV flag LV MX flag MX NI flag NI NL flag NL NO flag NO NZ flag NZ PA flag PA PE flag PE PL flag PL PT flag PT PY flag PY RU flag RU SA flag SA SE flag SE SG flag SG SV flag SV TR flag TR UK flag UK US flag US UY flag UY UZ flag UZ VE flag VE VN flag VN ZA flag ZA

Operational Security

Security and compliance are embedded into every layer of Bimstore’s operations. Our policies and procedures align with recognised industry standards, including ISO/IEC 27001, SOC 2 and Cyber Essentials Plus.

Security, Compliance and Accountability

As part of Space Group, which is certified under Cyber Essentials Plus, we maintain these standards across all business activities.
We also apply additional security measures suited to a cloud-based SaaS platform, ensuring the protection of our systems and data.

Our approach extends beyond technical controls. We enforce strict operational processes, privacy safeguards and legal compliance, including full alignment with UK GDPR and the control framework defined in ISO 27001.

You can trust that every action we take is designed to safeguard your data, support regulatory obligations and ensure long-term platform resilience.

Image

A Security-Driven Culture

Strong security starts with culture. Every employee, across technical, operational and support roles, is pre-vetted and completes structured onboarding covering security responsibilities and expectations.

Security is embedded across the organisation. It sits within everyday decisions, not separate from them.

Ongoing training and regular audits ensure teams remain aware of emerging threats and evolving attack methods. Just as importantly, individuals are encouraged to question, challenge and escalate concerns without hesitation.

Each team member is expected to take ownership. Whether pausing a deployment or flagging unusual activity, people are trusted to act when something doesn’t look right.

We recognise that human behaviour is often the most targeted vulnerability. For that reason, we focus on awareness, accountability and an environment where concerns can be raised without pressure or hierarchy.

Working with the Right Partners

At Bimstore, we work with organisations that take security as seriously as we do. That standard is set from the outset and maintained through clear oversight, defined controls and regular review. Partners are expected to follow the same policies, processes and security expectations as our internal teams.

This extends to how people work day to day. Individuals are expected to question decisions, raise concerns and act where something doesn’t feel right. Security should never be compromised by pressure, hierarchy or process.

We treat partners as part of the wider Bimstore environment. Controls, infrastructure and oversight are applied consistently to ensure a secure and stable ecosystem for everyone involved.

Where we work with organisations earlier in their security journey, our standards remain unchanged. We support alignment by sharing guidance, tools and, where appropriate, elements of our own frameworks and processes. This helps strengthen overall resilience while ensuring systems and teams operate to a consistent level of security and accountability.

Image

Physical Security & Site Controls

Bimstore operates from its head office in Newcastle upon Tyne, a building with a strong heritage in software and innovation as the former headquarters of Sage. The space has been modernised and serves as the central operational hub for Bimstore and the wider Space Group. Designed by our in-house architectural practice, it supports secure, collaborative working across the business.

The facility is secure by design, with clearly defined access zones and controlled entry points. Each business operates within its own secure office environment, while shared spaces are managed to allow collaboration where appropriate. High-security areas, including server rooms, secure storage and restricted development zones, are accessible only to authorised personnel using RFID access, alongside additional controls such as key locks and keypad authentication. Access credentials are regularly reviewed and updated in line with policy.

Visitor access is controlled and monitored. All visitors are logged on arrival, remain within designated areas under supervision where required, and are formally signed out on departure. Access records and visitor logs are stored securely within our Information Security Management System (ISMS) to support audit and compliance. All contractor and visitor access is pre-approved and risk assessed, with any specific requirements clearly defined and recorded.

Monitoring, Infrastructure & Continuity

The building is monitored by 24/7 CCTV, with footage retained in line with policy and securely replicated offsite. Fire detection, alarm systems and environmental monitoring are in place and maintained in accordance with business continuity requirements.

Internally, our IT infrastructure is network-segmented, ensuring separation between guest access and core systems, with access granted on a strict need-to-know basis.

In the event of disruption, our Business Continuity Plan supports the recovery of core systems and operations within defined timeframes. The Bimstore platform is designed for resilience, with no reliance on a single location, individual or system, ensuring continuity regardless of physical site status.