ContrctHub Inc. Security Information

Physical Security

ContractHub data centers (handled by Amazon AWS) are state of the art, utilizing innovative architectural and engineering approaches. Amazon has many years of experience in designing,
constructing, and operating large-scale data centers. This experience has been applied to the AWS platform and
infrastructure.

Servers

All servers that run ContractHub software in production are recent, continuously patched Linux systems. Additional hosted services that we utilize, such as Amazon RDS, S3, and others, are comprehensively hardened AWS infrastructure-as-a-service (IaaS) platforms.

Vulnerability testing

Web application security is evaluated by the development team in sync with the application release cycle. This vulnerability testing includes the use of commonly known web application security toolkits and scanners to identify application vulnerabilities before they are released into production.

Backups

ContractHub runs full daily automated backups of our databases and all user documents. All backups are encrypted and stored independently across 2 regions (1) America (2) Australia and further auto-replicated within each region by AWS to provide resiliency This guarantees maximum protection and independence between layers.

Encryption

Each and every transaction happening on the ContractHub platform is processed by a closely monitored server infrastructure and encrypted using industry-standard 256-bit HTTPS Encryption.

System Monitoring

At ContractHub, the production application and underlying infrastructure components are monitored 24/7/365 days a year.

Application architecture

The ContractHub web application is multi-tiered into logical segments (front-end, API, and database), each independently separated from each other in a DMZ configuration. This guarantees maximum protection and independence between layers.

Passwords & Tokens

Passwords and verification tokens are stored encrypted using modern and state-of-the-art solutions including the bcrypt key derivation function. We don’t store plain data but use cryptographic one-way hash functions.

Secured Documents

Contracts can only be viewed through the website using a verified account or using a unique key that is embedded within the recipient’s email link.

Sessions

Session data is remembered on the client-side and the server-side which improves security in case of any malicious operations.

Frequently Asked Questions

Who can access my data?

All your information and documents are only accessible through your username and password. It is very important that you do not share this information with anyone!

What do you do with my company information?

All the data collected in ContractHub will help us to pre-populate your documents and forms only!

Digital Signatures?

ContractHub’s digital signature is legally binding throughout the US and many other countries.

Can I delete my data?

Yes, you can exercise any right of access, rectification, cancellation, and opposition of the data that you have entered in ContractHub at any time.

Will you share my information?

No, ContractHub vows to never sell or pass the data of your company, members, or personal data to a third party.

Do ContractHub employees have access to my documents and data?

Senior engineering and support staff may access your account, with your permission, and only if it’s required for servicing your account or resolving an incident you’ve reported. However, this rarely requires viewing a document itself.

Get started with ContactHub today

No credit card required