Security
TeamHub is built with security as a foundational concern. Below is a summary of our key security practices.
All solutions are built following industry best practices, including the Twelve-Factor App methodology and the OWASP Secure Coding Practices.
We host exclusively with leading IaaS providers that are GDPR-compliant. A list of providers is available on request.
Server access is restricted to 4096-bit SSH keys. All administrative access uses encrypted tunnels.
Our databases are hosted by MongoDB Atlas and run in replica sets for high availability and data redundancy.
The entire application stack is fronted by Cloudflare, which provides:
DDoS detection and mitigation
Web application firewall
Real-time DNS management
Load balancing
Network performance monitoring and routing
Content delivery network (CDN)
All traffic is served over TLS 1.3 and HTTP/2 using modern HTTPS encryption, including Elliptic Curve Cryptography (ECC).
Role-based access control is enforced at the individual company level throughout the application stack.