Top Levels of Cybersecurity

Security

When working with us, you know your data is safe and your platform is accessible to all.

Fully legislation and accessibility compliant

The only end-to-end proprietary engagement software

Security & Compliance

Engagement Hub applies the latest in cybersecurity technologies and is legislation and accessibility compliant. 

We are an Australian company with our secure dedicated ISO 27001:2022 and CSA STAR Level 2 certified data centre located in Sydney. Our 99.9% uptime is backed by end-to-end encryption, daily back-ups and data storage on a RAID 10 array.

Request our Security & Compliance Statement
data ownership and integrity with Engagement Hub

Data Ownership & Access

Clients own and manage all their own data. Engagement Hub team only has access to client data if access is provided by the client
secure stakeholder management

Vulnerability Management

Our security and vulnerability management includes ongoing monitoring, intrusion prevention/detection, penetration testing, DDOS mitigation and protection, application scanning, password management, etc to reduce risk and ensure stable and secure software.
privacy and accessibility compliant software

Privacy & Accessibility Compliant

100% responsive and accessible by all modern devices and browsers. Meets all Australian Privacy legislation and WCAG 2.1 Level AA.
Security Overview - engagement software

Software Security

We are committed to protecting your and your community’s data and complying with all relevant standards.

100% cloud-based solution

No software downloads required

Compliance

We have a detailed Information Security Management System (ISMS) to ensure that our systems and processes effectively identify and manage security risks across our organisation.

Incident Management

Engagement Hub has a robust Information Security Incident Management Policy and Procedure in place which details the methodology for identifying, investigating and resolving all types of security incidents.

Scanning & Patching

We undertake scheduled and ad hoc penetration testing and continuously scan the software.

DDoS Mitigation And Protection

For Engagement Hub software, ConfigServer Security & Firewall is utilised. Firewalling restricts access to all ports except 443 (https). Amazon Managed Services utilises AWS Shield for the server.

Penetration Testing

We undertake both Manual Penetration testing as well as Automated Penetration testing. Our automated penetration testing provides SQL injection, cross site scripting testing, PCI compliance reports etc. along with identifying a multitude of vulnerabilities.
Security Overview - engagement software
Security - online engagement software

Data Centre Security

Our application utilises the world-class ISO 27001:2022 and SOC certified infrastructure provided by Amazon Web Services (AWS) for all its cloud hosting and server infrastructure. 

Secure Dedicated ISO-Accredited & SOC-Certified Data Centre

27001:2022 certified data centre with AWS Managed Services. Located in Sydney, Australia. Click to view certificate

SSL (Secure Sockets Layer) and TLS

are installed on our server so data is encrypted in transit

Data Encryption

Data is encrypted in transit, at rest, and on all backups using AES256 & SHA-2 (256) Access to Engagement Hub software is only available through secure HTTPS. Data in transit is encrypted over HTTPS protocols. For secure communication protocol, we utilise TLS with the most recent patch level (TLS1.3 at the transport layer). All data storage is redundant with redundant databases residing in a private subnet.

Uptime

We are committed to providing reliable cloud-based software backed by a 99.99% uptime guarantee. The software and server is monitored 24/7

Monitoring

Our monitoring includes includes, but is not limited to, environmental monitoring, network monitoring, load balancing monitoring, web server and database monitoring, firewall services and intrusion detection.

Back-ups occur daily

to a centralised back-up system for storage and retained for 7 days or 14 days (premium support clients)

Data Storage

on a RAID 10 array. O/S stored on a RAID 1 array

Disaster Recovery

We regularly review and test our recovery and restoration procedure which is outlined in our Business Continuity & Disaster Recovery Plan (BCP).
accessibility in digital engagement

Privacy & Accessibility

Our software is fully compliant with all relevant privacy and accessibility legislation and requirements. 

Privacy Compliant

Complies with privacy and data protection legislation and regulation. Includes the Australian Privacy Act 1988, Privacy Regulation 2013, the Privacy Amendment (Enhancing Privacy) and the New Zealand Privacy Act 2020

SPAM Act Compliant

Stakeholders must consent to receive mass communications from the software

100% responsive

Built for all devices, browsers and operating systems

100% accessible

Accessibility Compliant: Tested for WCAG 2.1 Level AA. Optional Userway plugin installation. Ability for stakeholders to upload audio submissions if low literacy

Language Translator

Built-In Language Translator featuring over 100 languages
accessibility in digital engagement
Data Protection and Access - online engagement

Data Protection & Access

We take data protection seriously and have multiple mechanisms in place to protect our clients’ data:

Data confidentiality & integrity

Your data is not shared with us or any third party. Only clients and their site administrators (and nominated project administrators) have access to their users and data. Engagement Hub’s interaction with client data is only at the request of the client and the client providing the access.

Access Control

A client’s site administrator has the control to add, amend and remove other administrators. Dependent on a project administrator’s permission settings, they may have access to adding, maintaining, editing and revoking stakeholder accounts.

System Access

Only authorised team members have access via secure MFA to firewall logs, penetration logs and other logs. We utilise a range of prevention and detection tools for alerting, logging and monitoring.

User Access - Passwords

Complex passwords including a combination of upper/lower case letters, numbers and special characters is required. Passwords are stored in (one-way) encrypted format, never displayed in clear text and all passwords stored in the database are hashed.

Optional Azure AD/Microsoft Entra SSO Integration

This is an additional fee due to bespoke programming needed per client Multi-factor Authentication (2FA) may be enforced by administrators for any administrator and stakeholder accounts.

How often do you update the software

Every month we release new deployments and updates

View Changelog

frequently asked questions

Security

increasing productivity through smart software applications
Engagement Hub employs the highest levels of security to our software. Unlike our competitors, our data storage is based in Australia like we are. Our ISO-accredited AWS data centre has daily back ups, end-to-end encryption and is all stored on a RAID 10 array.
 
Only you and your administrators have access to your platform and data.

We are an Australian company with our secure dedicated ISO 27001:2022 and CSA STAR Level 2 certified data centre located in Sydney. 

Engagement Hub is monitored (including but not limited to computing, operating and network infrastructure) twenty-four (24) hours per day, seven (7) days per week, three hundred and sixty-five (365) days per year to detect for any abnormalities.

Yes!
  • Privacy – Complies with privacy and data protection legislation and regulation. Includes the Australian Privacy Act 1988, Privacy Regulation 2013 and the Privacy Amendment (Enhancing Privacy)
  • SPAM – Stakeholders must consent to receive mass communications from the software. You can enable optional 2FA (two-factor authentication) to ensure data integrity
  • Accessibility – the software is 100% accessibility compliant and meets WCAG 2.1 Level AA. Responsive to all modern devices and browsers

Our security and vulnerability management includes ongoing monitoring, intrusion prevention/detection, penetration testing, DDOS mitigation and protection, application scanning, password management, etc to reduce risk and ensure stable and secure software.

Only you and your administrators can access your platform and data, unless you provide access to Engagement Hub for support reasons.

Yes, please contact us to request a copy of our full Security & Compliance Statement.

Book demo

Download our brochure for full details

Download now