Security is at the heart of Hedy's architecture. This article explains exactly how we protect your data, where it's stored, and the measures we take to ensure its safety.
Key Security Features:
Enterprise-grade cloud infrastructure
Multi-layer encryption
Comprehensive backup systems
Strict access controls
Infrastructure Overview
Hedy's infrastructure is built on Google Cloud Platform (GCP), specifically in the US-Central region. We chose GCP for its robust security features, reliability, and comprehensive compliance certifications.
Our Infrastructure Stack
Our Infrastructure Stack
Application Servers: Google Firebase Functions
Database: Google Firestore with encryption at rest
File Storage: not used
Authentication: Firebase Authentication
Data Encryption
We implement encryption at multiple levels to ensure your data remains secure:
In Transit:
All data transmission uses TLS 1.3
Secure WebSocket connections for real-time features
At Rest:
Database encryption using AES-256
Backup and Recovery
Our backup strategy ensures your data is always safe and recoverable:
Automated daily backups
Point-in-time recovery capabilities
Geo-redundant backup storage
14-day backup retention
Access Controls
We maintain strict controls over who can access your data:
Employee Access:
Role-based access control (RBAC)
Minimal access privileges
Regular access reviews
Detailed access logging
Two-factor authentication required
Physical Security
Through GCP, we benefit from:
State-of-the-art data center security
Multiple layers of physical access controls
Environmental protection systems
24/7 security staff
Regular security audits
Security Compliance
While we're working toward formal certifications, we already follow security best practices aligned with:
SOC 2
ISO 27001
GDPR
CCPA
Update and Patch Management
We maintain system security through:
Automated security updates
Regular vulnerability scanning
Dependency monitoring
Emergency patch procedures
Change management processes
Security is Everyone's Responsibility
If you discover a security vulnerability, please report it to [email protected]. We work quickly to address security concerns.
Business Continuity
Our business continuity plan includes:
Automated failover systems
Regular disaster recovery testing
Geographic redundancy
Documented recovery procedures
Regular system backups