How BSC Designer Manages Your Strategy Data

Learn the options you have regarding data governance with BSC Designer to ensure high security, fast access, and data localization compliance.

How Your Strategy is Stored

We use Digital Ocean for cloud hosting on our platform. Digital Ocean provides highly reliable data centers that are certified according to industry best practices:

• AICPA
• SOC 2 Type II
• SOC 3 Type II
• ISO 27001
• PCI-DSS

To host and process your data securely, BSC Designer implements industry best practices within the established cybersecurity program.

Access to Strategy Data

Learn how BSC Designer helps you control access to your strategy data with flexible permission models and enterprise-grade authentication options.

Role-Level Access Control

BSC Designer provides granular role-based permissions that determine what users can see and do within the platform:

• Administrator. Full access to all scorecards and account settings.
• Power Users. Can modify goals, KPIs, initiatives, and their values/targets.
• Data Input Users. Limited to entering new values in existing KPIs, uploading documents, and commenting.
• View-Only Users. Read-only access to data, dashboards, strategy maps, and reports.

Action-Level Permissions

In addition to roles, specific action-level permissions can be configured to meet internal compliance or operational needs:

• Use of external data sources. Allow users to create indicators based on SQL queries.
• Restrict to data input only. Limit users to editing KPI values without modifying scorecard structure.
• Approval workflow for new data. Require supervisor approval before updated values take effect.
• Control over historical data changes. Define time periods after which data is locked from further modification.

Access Control

BSC Designer allows administrators to manage access at multiple levels—across groups of scorecards, individual scorecards, and specific strategy items such as KPIs, goals, and initiatives.

Key facts:

• Administrators can assign access to scorecard groups, scorecards, or individual elements (e.g., goals, KPIs, initiatives).
• Ownership-based access. When a user is assigned as the owner of a goal, indicator, or initiative, they receive access rights based on their user role.
• Owners receive platform notifications about assigned items; administrators can manage global notification settings, while users can adjust their own notification frequency.
• Access can be revoked at any time by removing the user as an owner or through the permissions panel.
• Additional access rights can be granted to internal or external users, including via public view access or email-based invitations.

Additional Security Measures

BSC Designer supports several additional security features designed to protect access and streamline administration:

• Team-Based Access Control. Users can be grouped into teams to simplify ownership assignment and permissions management.
• User Provisioning via SCIM. Enterprise customers can automate user and team provisioning.
• Two-Factor Authentication (2FA). 2FA can be enabled for all users to enhance login security.
• Protection Against Brute Force Attacks. The platform automatically blocks accounts after multiple failed login attempts and enforces session timeouts for inactive users.

Data Backup

BSC Designer performs daily backup snapshots for all user data.

• For Professional Plan users, backup snapshots are retained for a period of one (1) year.
• Enterprise Plan users benefit from an unlimited backup retention period.

In addition, users can perform their own data backups through the built-in backup function within the platform, providing additional options for data management and retention.

Strategy Portability

BSC Designer provides the necessary functionality to ensure strategy portability between strategy execution platforms. You can:

• Import an existing strategy to BSC Designer (see the Import command in the Tools menu).
• Export a strategy scorecard (see the Export command in the Tools menu).

In addition to regular automated backups on the platform side, the account administrator can download a complete backup of all account details via Settings > Backup.

Audit Trail

To satisfy the compliance requirements established within the company, the audit trail can be activated to record all strategy-related activities within the platform.

• Activate the audit trail via Menu > Users > Audit Trail

All strategy-related activities will be available to the administrator via Users > Audit Trail. Additionally, the necessary contextual information about changes made to goals, KPIs, and initiatives will be available via the History of changes on the Context tab.

Historical Data Modification Lock

To meet the data governance requirements for performance reporting, the platform can automatically lock the possibility of modifying data after a certain period.

For this purpose, use the Historical Data section available in Menu > Settings > Workflow tab.

How AI is Implemented

BSC Designer can be connected with GenAI for strategic analysis. Below is an outline of AI-related mechanics:

• Activation. The account administrator can enable or disable global use of AI within the account.
• Accountability. Only power users with full access to the scorecards can use AI. The use of AI is recorded in the audit trail.
• Transparency. When starting an AI-powered chat, the user decides what data will be sent to the AI as context. No data is sent to the AI in the background without direct user approval.
• Anonymization. Personal data, such as user names and emails, are anonymized before being sent to the AI.
• Privacy. To ensure better contextual information and data security, we can connect your account to your proprietary AI models.

For more details, please refer to our AI Use Policy.

Data Localization: Shared Cluster

BSC Designer provides a data localization option, allowing you to host your data in a shared cluster at one of the following locations:

1. New York City, US: NYC1, NYC2, NYC3
2. San Francisco, US: SFO1, SFO2, SFO3
3. Toronto, Canada: TOR1
4. London, United Kingdom: LON1
5. Frankfurt, Germany: FRA1
6. Amsterdam, Netherlands: AMS1, AMS2, AMS3
7. Singapore: SGP1
8. Bangalore, India: BLR1
9. Australia: SYD1

Data localization provides faster access and ensures data compliance for organizations in regulated business domains.

Data Governance: Private Cloud

We offer the possibility of hosting your data in a private cloud. A private cloud can be configured according to your organization’s requirements, giving you more flexibility in terms of data governance. Among the benefits of a private cloud:

• The cluster hosts only the data of your organization
• Lower latency due to the geographic proximity of your data
• Fulfilling data governance requirements of regulated business domains

More flexible cybersecurity settings include:

• The possibility to set up specific IP rules (such as allowing access only from certain IP ranges)
• The possibility for specific backup rules (more frequent backups or different backup locations)

The costs of a private cloud are not included in the standard subscription and are determined based on specific requirements. As a reference, pricing starts from:

• Annual cloud hosting fee: USD 5,280/year

BSC Designer

BSC Designer is strategy execution software that enhances strategy formulation and execution through KPIs, strategy maps, and dashboards. Our proprietary strategy implementation system guides companies in practical application of strategic planning.