Product Security

  • Permissions - Dash Hudson enables permission levels within the app to be set for your teammates. Permissions can be set to include app settings, billing, and user data.

  • SSO - Dash Hudson enforces Single Sign-on (SSO) which allows brands to authenticate users in their own systems without requiring them to enter additional login credentials.

  • Password and Credential Storage - Along with SSO, Dash Hudson enforces a password complexity standard. Credentials are stored using secure hash algorithms.

  • Uptime - Dash Hudson has an uptime of 99.9% or higher.

Network and Application Security

  • Data Hosting and Storage - Dash Hudson services and data are hosted in Amazon Web Services (AWS) facilities in the USA.

  • Virtual Private Cloud - All of our servers are within our own virtual private cloud (VPC) with network access control lists that prevent unauthorized requests.

  • Encryption - All data sent to or from Dash Hudson is encrypted in transit using 256 bit encryption. Our API and application endpoints are TLS/SSL only and score an “A” rating on Qualys SSL Labs‘ tests.

  • Failover and DR - Dash Hudson infrastructure and data is spread across two AWS availability zones, built with disaster recovery in mind.

  • Back Ups and Monitoring - Dash Hudson uses Amazon RDS daily backup solution for databases that contain customer data.

  • Permissions and Authentication - Dash Hudson is served 100% over https. Access to customer data is limited to authorized employees who require it for their job. Dash Hudson runs a zero-trust corporate network. There are no corporate resources or additional privileges that come from being on Dash Hudson’s network. We have Single Sign-on (SSO), 2-factor authentication (2FA) and strong password policies on GitHub, Google, AWS, MongoDB, and Dash Hudson to ensure access to cloud services are protected.

  • Incident Response - Dash Hudson implements a protocol for handling security events which includes escalation procedures, rapid mitigation and post mortems. All employees are informed of our policies.

Additional Security Features

  • Confidentiality - All Dash Hudson employment contracts include a confidentiality agreement that must be signed and returned prior to commencing employment.

  • Training - Annual Security and Awareness training is completed by all Dash Hudson employees.

  • Policies - Dash Hudson has developed, and frequently update, a comprehensive set of security policies. These policies cover a wide-range of topics and are shared with all employees.

  • PCI Obligations - All payments made to Dash Hudson are administered through our partner, Stripe. Details about their security setup and PCI compliance can be found at Stripe’s security page.