Our customers rely on the HulerHub platform to securely work from anywhere in the world. We understand that security and privacy is the number one concern for the organisations we work with, many of who operate in highly-regulated and security-conscious industries.

Our cloud-based platform is built with this in mind, offering industry-leading protection security as standard to protect the data of your business, employees and customers. No ifs or buts.

When you work from anywhere, you need to be confident your data is available whenever (and wherever) you need it. Our systems are hosted on Amazon Web Services (“AWS”) across multiple availability zones. That way, if one ever fails, your service remains totally uninterrupted. For more information on this, please visit the AWS security page.

HulerHub implements a security-oriented design in multiple layers, one of which is the application layer. The HulerHub application is developed according to the OWASP Top 10 framework and all code is peer reviewed prior to deployment.

Huler also employs a number of industry standards to ensure the separation of client data within a multi-tenant system. Client access to data relies on short-lived access tokens which encode the account ID the client has access to. This account ID must match the account ID of any returned records at every stage of processes. If it doesn’t, the data cannot be returned to the client.

Once you’re in, HulerHub encrypts all data:

• Traffic is encrypted using TLS 1.3 with a modern cipher suite, supporting TLS 1.2 at minimum.
• User data is encrypted at rest across our infrastructure using AES-256 or better.
• Encryption keys are managed using the AWS KMS service.
• Credentials are stored within the AWS Cognito service.

HulerHub then ensures consistent backups of user data to allow for Point-in-Time Recovery.

We use a comprehensive set of tools and services to protect what we love, including

• Hosting all services behind an API gateway;
• A web application firewall (WAF) for content-based dynamic attack blocking;
• Rate limiting;
• Encrypting all data at rest using the AWS KMS service;
• Network traffic logs

Don’t just take our word for it either. We use independent third-party accredited auditors to conduct penetration tests to ensure all our processes and implementations are robust. These tests continue on an annual basis, both in the application and within the infrastructure, to continually ensure we are meeting the highest standards.

Huler’s infrastructure is fully cloud-based, meaning our offices are home to our people only. We also protect our sites using personalised access control together with internal and external CCTV and alarm systems.