Security Policy

Last Modified: November 3rd, 2023

At InspireHQ, we take security seriously and believe in a holistic approach across many different areas. Below, we have highlighted a number of the areas where we’ve focused our time so far and are constantly monitoring.

Secure Infrastructure

InspireHQ's platform is built with security at top of mind. We continuously monitor and validate our infrastructure against best practices to ensure that we are continuously meeting our security and reliability requirements.

Encryption

InspireHQ encrypts all sensitive data, both at rest and in transit. The underlying services automatically use industry standard AES-256 encryption for storage. All endpoints support TLS 1.2 and above for encryption in transit with an A+ grade from SSL Labs.

Continuous Security

InspireHQ focuses on continuous maintenance and monitoring of our security posture from code development through to production deployment. We implement multiple security controls including source code review, vulnerability scanning of libraries, source code and infrastructure and continuous monitoring of all cloud providers and assets.

IT Controls

InspireHQ focuses on continuous maintenance and monitoring of our security posture from code development through to production deployment. We implement multiple security controls including source code review, vulnerability scanning of libraries, source code and infrastructure and continuous monitoring of all cloud providers and assets.

Vulnerability Disclosure Program

InspireHQ leverages the hosting provider Render which has partnered with HackerOne to maintain a private vulnerability disclosure program. All reports are triaged by HackerOne and are then forwarded on to the Render team as appropriate.

DDoS Protection

InspireHQ has partnered with Cloudflare for DDoS protection. “Cloudflare’s 142 Tbps network blocks an average of 117 billion threats per day, including some of the largest DDoS attacks in history.”

Penetration Tests

InspireHQ's hosting provider Render undergoes annual third party application and network penetration tests with top tier independent firms.

Security Features

InspireHQ has built in a number of security features that we encourage our customers to take advantage of. From multi factor authentication to private URLs to automatically redirecting HTTP requests to HTTPS requests.

Physical Features

InspireHQ leverages Render Hosting that has partnered with multiple underlying cloud providers that take physical security seriously and have the attestation to back it up. All vendors are reviewed for their commitment to security from their physical to their virtual controls.

Compliance

We take security seriously. To that end, compliance reports and agreements validate of our commitment to adhering to security best practices and providing a level of assurance to our customers around the world. Please email Support to request a standard agreement or to ask about your compliance use case.

SOC 2: InspireHQ has intent to obtain both SOC 2 Type II and ISO 27001 compliance reports.