Security

Enterprise-grade security is built into every layer of DueHub.

Infrastructure

Hosted on enterprise-grade cloud infrastructure
Data encrypted in transit (TLS 1.2+) and at rest (AES-256)
Automated backups with point-in-time recovery
Multi-region availability for business continuity

Access control

Role-based access control (RBAC) with principle of least privilege
Multi-factor authentication (MFA) support
SSO / SAML integration for enterprise clients
Complete audit trail of all user actions

Compliance

Security controls aligned with SOC 2 Type II requirements
GDPR-aligned data handling
Regular penetration testing by independent third parties
Vulnerability disclosure programme

Incident response

We maintain a formal incident response plan with defined escalation procedures. If a security incident affects customer data, we notify impacted customers within 72 hours.

Contact

To report a security vulnerability or make a security-related inquiry, contact security@duehub.app.