Data Security Overview

LAST MODIFIED: NOVEMBER 11, 2019

Introduction

Heartdub is responsible for protecting your information that stores in our database. Safeguarding the confidentiality, integrity, and availability of our customers’ data is of the utmost importance to Heartdub. All Heartdub employees undergo security training as part of the orientation process and receive ongoing security training throughout their careers.

Access Control

Heartdub maintains a framework with high availability and dependability to ensure only approved users are granted access to appropriate data and resources.

Data in Transit

To prevent unauthorized access, data traveling between a customer and Heartdub is encrypted exclusively over HTTPS/TLS and HSTS by default.

HTTPS/TLS (Transport Layer Security) is the protocol that encrypts communication between users and Heartdub. When web traffic is encrypted with TLS, users will see the green padlock in their browser window. Traffic to and from Heartdub will be served over the TLS 1.3 protocol when supported by clients.

HSTS (HTTP Strict Transport Security) is an opt-in security enhancement mechanism for high-security websites which forces users to communicate with servers through HTTPS only. This policy enforcement protects secure websites from downgrade attacks, SSL stripping, and cookie hijacking. It allows a web server to declare a policy that browsers will only connect using secure HTTPS connections, and ensures end users do not “click-through” critical security warnings.

Data Storage

Heartdub always encrypts customer content stored at rest, without any action required from the customer, using one or more encryption mechanisms. Any data stored in the database is encrypted under different combinations of cascaded algorithms, and each encryption key is itself encrypted with a regularly rotated set of master keys produced using ECDHE.

Security Monitoring

Our security team gives immediate attention to any suspicious internal network traffic, employee actions on systems, and outside knowledge of vulnerabilities.

Network Infrastructure

Heartdub’s network infrastructure is maintained in highly secure, strategically located data centers managed by IBM. Learn more about IBM Security.