Security
We’re committed to keeping your data safe. Learn about our robust cybersecurity architecture and compliance with industry-leading standards.
Compliance
Hustle is SOC 2 certified to meet AICPA’s Trust Service Principles and has STAR Registration from the Cloud Security Alliance.
Potential and existing customers may request a copy of Hustle’s SOC 2 report.
Our CSA STAR CAIQ is available at:
https://cloudsecurityalliance.org/registry/hustle-inc/
Layers of defense
Hustle’s infrastructure is protected by numerous layers of defense, known in the information security industry as a “defense-in-depth” strategy. Our security architecture includes:
- Distributed Denial-of-Service (DDoS) mitigation
- Encryption of data in transit and at rest
- Intrusion Detection and Prevention Systems
- Penetration Testing
- Security Patch Management
- Security Information Event Management (SIEM) with anomaly and threat detection
- Vulnerability Scanning
We pay special attention to the OWASP Top 10 and have tailored our development processes to identify and mitigate these issues.
Hustle also uses state-of-the-art technology combined with a full suite of information security policies to ensure our corporate environment is protected.
Security team
Every employee at Hustle, from office operations to our CEO, is dedicated to security and protecting our customer data in all that we do.
Hustle has a formal information security program in place. An experienced, certified security professional is dedicated to overseeing all of our security practices, policies and procedures with the safety of our customers’ data at the forefront of all efforts.
We also have an Information Security governance structure in place with an Information Security Steering Committee which meets periodically to review security-related initiatives at the product, infrastructure, and company level. All of our C-level executives are actively involved in maintaining and reviewing the information security program.
Backups and redundancy
Hustle’s infrastructure is engineered for redundancy and round-the-clock availability. We also conduct point-in-time, encrypted backups of all data stored in the Hustle app.
Our databases are also replicated in real-time to geographically disparate data centers for Disaster Recovery purposes.
Security training
At Hustle, we view security not just as a core component of our technology, but also as a cornerstone of our company culture. All Hustle employees receive security training both as a new hire and regularly thereafter. Communication channels for any security issues or questions are always open for our employees and customers.
We send out ongoing reminders to our staff about security issues, and in addition, regularly test our preparedness with phishing drills and other security exercises.