Status Help Login Create Account

Security at HireFire

This is a high level overview of the security practices at HireFire.

Internal

Our staff takes adequate security measures in order to prevent unauthorized access to its hardware, as well as first- and third party services. Measures include, but are not limited to the use of:

  • Strong credentials
  • Two-factor authentication
  • Security keys
  • GPG keys
  • Secure connections
  • Disk encryption
  • Firewalls
  • Security patches

Services

Mechanisms for high availability are in place for our user-facing services.

All connections between users and our services, as well as all communication between our internal services make use of transport layer security (TLS) in order to secure data in transit. All services run within data centers and/or platforms that have a form of DDOS protection in place.

All third party software used in our services is updated on a regular basis. Security patches are applied as soon as possible once they become available.

Databases

All connections to our databases are secured using TLS. Data in these databases are encrypted at rest. Extra sensitive data receives an additional layer of encryption at the database level.

Our databases are backed up continuously, allowing for point-in-time recovery, resulting in minimal data loss in the event of a disaster.

Data Centers and Platforms

HireFire uses AWS (Amazon Web Services Inc., U.S.), Hetzner (Hetzner GmbH, Germany) and Scaleway (Scaleway SAS, France) data centers, as well as the Heroku (Salesforce Inc., U.S.), Netlify (Netlify Inc., U.S.) and Cloudflare (Cloudflare Inc., U.S.) platforms to operate our services.

All infrastructure managed by HireFire is locked down using firewalls and strong authentication mechanisms. Updates are applied on a regular basis, and security patches are applied as soon as possible once they become available.

Heroku

Heroku manages our primary infrastructure and databases. They also host our primary services.

Refer to Heroku's Security Policy for more information regarding security.

Netlify

Netlify serves our home page, documentation and web interface. This allows us to provide fast, reliable and secure content delivery.

Refer to Netlify's Security Page for more information regarding security.

Amazon Web Services

Amazon Web Services is used indirectly (via Heroku) to run our primary infrastructure, databases and services. In addition to that, miscellaneous resources, such as log data, make use of AWS.

Refer to the AWS Security Paper for more information regarding security.

Hetzner

Hetzner is used in situations where high performance and/or bandwidth is a requirement.

Refer to Hetzner's Data Center Page for more information regarding security, ddos protection and certifications.

Scaleway

Scaleway is used in situations where high performance and/or bandwidth is a requirement.

Refer to Scaleway's Security Paper for more information regarding security.

Cloudflare

Cloudflare is used for a variety of our services to improve performance, security and ddos mitigation.

Refer to Cloudflare's Magic Transit Paper for more information regarding ddos protection.

Payments

Stripe processes payments and securely stores credit card information on our behalf, while Chargebee handles invoicing.

Refer to Stripe's Security Page for more information regarding their security.

Refer to Chargebee's Security Page for more information regarding their security.

Terms of Service Privacy Policy
HireFire by Final Creation