Guides
  1. General

Security and Compliance

Learn about BEEM's security architecture including authentication, role-based access control, workspace isolation, audit trails, and compliance with SOC2, PIPEDA, and GDPR standards.

BEEM is built with security at every layer. Your data stays in a dedicated cloud environment with enterprise-grade access controls.

Understand Authentication

  1. BEEM uses AWS Cognito user pools for identity management
  2. Log in with your email-based username
  3. Password policy requires 8+ characters minimum
  4. SSO support is available for enterprise single sign-on
  5. Sessions are managed automatically with expiry handling

Set Up Role-Based Access

  1. Go to Members in the left sidebar
  2. Assign each user the appropriate role:
    • Organization Admin: Full access, manages members and settings
    • Editor: Creates and edits content, no admin access
    • Viewer: Read-only access to dashboards and AI Insights
  3. Roles are assigned per workspace, providing fine-grained control

Configure Workspace Isolation

  1. Create separate workspaces for different teams or projects
  2. Users only see data in workspaces they are invited to
  3. Share datasets across workspaces on a read-only basis (results only, SQL is hidden)

Review Your Audit Trail

  1. Open Monitor in the left sidebar
  2. Filter events by date, object type, and status
  3. Review who did what and when for compliance reporting

Compliance Standards

StandardStatus
SOC2Processes in place
PIPEDACompliant
GDPRCompliant

Data Residency

  • All data is hosted on AWS ca-central-1 (Canada)
  • Each client has a dedicated cloud environment
  • Data never leaves your infrastructure when using AI Insights

Authorization Summary

  • Organization-level user management
  • Workspace-level member management with RBAC
  • Dataset sharing controls: Share results without exposing underlying SQL
  • Connection management: Organization Admin only

Updated 4 days ago