Operating at the intersection of data, AI and buildings means we’re managing more than technology, at Bitpool HQ, we’re the trusted hub of our partners and clients, responsible for unlocking smarter, more sustainable buildings while defending the data that delivers the goods.   It’s cybersecurity month here in Australia in October, so time to share a few of the things we do to keep our ecosystem of Bitpoolers, and their data safe. 

1. Continuous monitoring and intelligent alerting 

   Our cloud platform is continuously monitored using Microsoft Sentinel, one of the most advanced cloud-native SIEM (Security Information and Event Management) tools available.  

   • Always on: We maintain 24/7 visibility of system events, ensuring unusual behaviours or anomalies are flagged instantly.

   •  AI-driven detection: Sentinel embeds advanced analytics to spot emerging attack patterns and correlates them across systems.

   • Actionable insights: Alerts are raised, triaged and prioritised, so we respond quickly and effectively. 

   
   

2. Zero trust means zero trust 

   We really don’t trust anyone. So much so, we pay independent cybersecurity experts to undertake penetration testing on our platform to make sure we’re forewarned and protected on our terms. 

   • Real-world attack simulation: from comprehensive API testing, to application-layer exploits. 

   • Proactive hardening: to immediately improve defences, patch vulnerabilities, and adjust configurations. 

   • Transparent assurance: to give partners confidence that security resilience is tested and validated.

      

3. Incident response with confidence and speed 

   Our playbooks are a thing of beauty because how you respond in the event of an intrusion is everything.

   • Our incident response policies and playbooks define exactly what happens in the event of a security incident. 

   • Our first priority to limit exposure, is isolating affected systems immediately. 

   • Partners are notified clearly, in line with regulatory requirements and our internal commitment to transparency. 

     
     

4. No lone wolves 

   No lone wolves at Bitpool. Administrative and privileged accounts are one of the most common targets in a cyber attack. To mitigate this: 

   • Access is granted only where necessary.

   • Access permissions are audited and adjusted as roles or responsibilities change.

     
     

5. Compliance that travels 

   We align our policies and controls with ISO27001, the global security benchmark. Whether you’re in Brisbane or Birmingham, when it comes to data privacy, we don’t mess around either. 

   • European partners can trust we treat personal data with respect in line with GDPR legislation. 

   • We only collect what we need to deliver value, nothing more.

   •  If partners or customers want their data erased, we make it happen.