This page describes security measures taken by HiveDesk team. We update this page periodically to reflect the current state of security measures.
We encrypt all data in transit, i.e., data going from user’s computer to the server and from the server to user’s computer. We use industry leading AES-256 encryption for all data stored in our servers.
Only authorized user can login to the application. We use AWS servers with both platform and server level security layers. We use firewalls and network Access Control List with Load Balancers to stop DDoS and other intrusion attacks.
Backup and monitoring:
HiveDesk data is backed up on daily basis. We monitor all infrastructure actively to ensure uptime and reliability of the application.
Users can access the application using a Login ID and Password combination. We have implemented OAuth in the HiveDesk Client to ensure only authorized users can login to the client and communicate with the server.
We have a limited and identified set of personnel who can be authorized by account admins to look at their data, if required.
We prioritize fixing bugs and security vulnerabilities over new feature development.
Uptime & availability:
HiveDesk web application (server) is hosted on AWS which is a fault-tolerant environment. We use load-balanced & fail-over servers to ensure high availability of the service.
HiveDesk client uses Lambda API which is highly scalable and can support large number of concurrent users.
Disaster recovery and business continuity:
We have strong processes and policies in place for disaster recovery and continuity of business. These cover different scenarios like server failures, data center failures, and data loss.
Our servers are replicated across multiple data centers and geographies. Our processes lay out steps to be taken for restoring our service in case of a disruption.
Secure payments with PCI compliance:
All payments in HiveDesk are processed by Chargebee and secured by PCI Standards. Our servers don’t process or store your card data.
Please refer to Chargebee’s PCI compliance statement for more details.