Updated April 9, 2019
We take the security of the data we manage very seriously. Here are some of the steps we take to ensure we keep this data safe.
We systematically use HTTPS on presshub.co or any of PressHub's subdomain. Any connection in HTTP gets redirected to it’s secured counterpart.
We have a strict and systematic HSTS policy with preload for all our subdomains. This ensures most clients (in particular browsers) will systematically connect using encrypted methods.
Backups are either encrypted themselves or on encrypted disks.
Datacenters selected to host PressHub's services include 24/7 surveillance teams with fencing and strict security procedures.
Any data stored outside of a datacenter for off-site backups are stored on encrypted drives using state-of-the-art technologies.
A Web Application Firewall is set up to filter incoming requests trying to compromise the service.
A firewall is systematically used on PressHub's servers to prevent access from non-approved IP addresses.
Critical admin interfaces are protected using at least double-authentication.
Our software infrastructure is regularly updated using automatic update mechanisms when possible.
End-to-end encrypted messaging systems are available to PressHub's employees and contractors, and used for most communications.
PressHub doesn't store any credit card information (except non-usable information to ease customer support, for example, the last four digits of the card).
The provider handling all the card details is certified as a PCI Level 1 Service Provider, the most stringent level of certification available in the payments industry.
PressHub maintains an active Security Bounty Program and encourages researchers to find and report vulnerabilities of the application.