Security

TeamHub is built with security as a foundational concern. Below is a summary of our key security practices.

  • All solutions are built following industry best practices, including the Twelve-Factor App methodology and the OWASP Secure Coding Practices.

  • We host exclusively with leading IaaS providers that are GDPR-compliant. A list of providers is available on request.

  • Server access is restricted to 4096-bit SSH keys. All administrative access uses encrypted tunnels.

  • Our databases are hosted by MongoDB Atlas and run in replica sets for high availability and data redundancy.

  • The entire application stack is fronted by Cloudflare, which provides:

    • DDoS detection and mitigation

    • Web application firewall

    • Real-time DNS management

    • Load balancing

    • Network performance monitoring and routing

    • Content delivery network (CDN)

  • All traffic is served over TLS 1.3 and HTTP/2 using modern HTTPS encryption, including Elliptic Curve Cryptography (ECC).

  • Role-based access control is enforced at the individual company level throughout the application stack.

_images/ssl-certificate.png