Overview
Welcome to BlevinsTrust, the Security & Trust Center for Blevins Holdings and its subsidiaries. As a diversified enterprise operating across aviation, corporate services, financial management, healthcare, research, defense, and public-sector–aligned initiatives, Blevins Holdings manages high-value information assets and mission-critical operations that require disciplined governance, precise controls, and transparent oversight. Our organization supports environments with elevated assurance obligations, including those shaped by financial-sector expectations, defense-adjacent compliance requirements, and enterprise-scale operational risk standards.
This Trust Center provides a consolidated, authoritative view of our security, privacy, and governance posture. It outlines the control frameworks, operational safeguards, risk-management structures, monitoring capabilities, and policy requirements that guide how we protect sensitive data and maintain the confidentiality, integrity, and availability of systems across the Blevins corporate ecosystem. Stakeholders will find detailed descriptions of our enterprise control environment and may request access to formal documentation, security assessments, and evidence packages under appropriate confidentiality protections.
Blevins Holdings maintains alignment with internationally recognized frameworks, including SOC 2, ISO 27001, NIST 800-53, and the NIST Cybersecurity Framework. As part of our formal roadmap, we are actively pursuing SOC 2 and ISO 27001 certifications to further strengthen our assurance program and provide verified, third-party attestation of our controls. Our governance model incorporates periodic internal assessments, structured evidence cycles, continuous improvement processes, and enterprise-level oversight to ensure our control environment remains effective, resilient, and responsive to evolving risks.
Through this Trust Center, we reaffirm our commitment to transparent, accountable, and high-integrity security practices that meet the expectations of financial institutions, public-sector partners, and defense-oriented stakeholders.
Lucid Motors
Apple
Cushman & Wakefield
CBRE
IQHQ
Maryland Democratic Party
Audi
Mazda Motor Corp.
Disneyland Resort
The Walt Disney Company
San Diego County Regional Airport Authority
Los Rios Colleges
State Of Maryland
Cargill
Glencore
Vitol
United Airlines
Sharp HealthCare
The American Cancer Society
Jefferies Financial Group
Lockheed Martin
U.S. Department of Energy
Kamala Harris
United Parks & Resorts
Vanguard
Wells Fargo
DCCC
Intuit
Gretchen Whitmer
Wes Moore
Gavin Newsom
California State
Marriott Bonvoy
Grossmont-Cuyamaca Community College District
Los Angeles Community College District
Zoom
Booking Holdings
SanDiegoCounty
Airbus
Reports
Reports
Upon verification and execution of suitable confidentiality agreements, Blevins Holdings may provide security-related documentation, including assessment summaries, penetration test overviews, control descriptions, and responses to structured security questionnaires. The scope of shared artifacts is determined by the nature of the engagement and the sensitivity of the information requested.
Self-Assessments
Self-Assessments
We conduct periodic internal security and risk self-assessments to evaluate the design, maturity, and effectiveness of our controls. These evaluations inform remediation efforts, risk treatment priorities, and program improvements. When required by institutional partners, we may provide completed questionnaires or standardized assessments under confidentiality.
Security Grades
Security Grades
We monitor third-party security ratings and external signals related to our public-facing assets as one component of our broader security program. While external security scores provide useful context, they are considered alongside internal telemetry, assessments, and testing. High-level trends or validated results may be shared with partners when appropriate.
Risk Management
Risk Management
Risk management at Blevins Holdings follows a structured process of identifying, assessing, prioritizing, and monitoring risks across security, operational, regulatory, and strategic domains. Risk outcomes guide control design, remediation planning, resource allocation, and governance reporting, ensuring alignment with business objectives and stakeholder expectations.
BC/DR
BC/DR
Blevins Holdings maintains business continuity and disaster recovery capabilities to support essential operations during disruptive events. These capabilities include backup and restoration processes, tested recovery strategies, identification of critical dependencies, and continuous improvement through validation and review.
Training
Training
All employees receive security awareness training covering responsible data handling, threat recognition, incident reporting, and adherence to security policies. Personnel in high-privilege or specialized roles receive additional training relevant to system administration, development, and incident response expectations.
Physical & Environment
Physical & Environment
Facilities and data center providers supporting Blevins Holdings must maintain appropriate physical and environmental controls, including secure access, surveillance, intrusion detection, environmental safeguards, and compliant equipment handling practices. These protections help ensure the physical integrity and resilience of the systems supporting our operations.
- Does the Company require MFA for all privileged users?
- Does the Company provide annual security awareness training to all employees?
- Does the Company maintain vulnerability management processes, including patch timelines?
- Does the Company maintain a current list of third-party subprocessors?
- Does the Company log administrative access to production systems?