Data security and privacy is an extremely important issue can be a major problem, so here are tips to help protect your account as well as the security measures we at HitSend take to safeguard you.
Password Protection
Hacking an account password is the most common way intruders gain access to an account. The main vulnerabilities they look for are:
Repeated used passwords from your other logins
Common easily guessed passwords
To avoid password hacking we highly recommend using a password manager to create a complicated and unique password for each online account you have making it extremely difficult for a hacker to guess your password. The most common password manager is the Google Password manger built into Chrome (our recommended browser for HitSend).
Another way to help protect your account is to routinely change your password with a strong, unique password each time.
2 Factor Authentication
The best way to foil hackers from breaking into your account is to enable 2 factor authentication, so that even if your password is compromised, it is useless without the confirmation code.
HitSend uses Google Authenticator, which is an app you can download onto your phone. You must enable 2 factor authentication in your user settings and either scan or enter the verification code from the app. Once that is enabled every time you login, once your email and password are confirmed you will be asked to enter your 2nd authentication code, which comes from the app.
The reason why the app is necessary is because the key changes every 30 seconds, so you will never use the same code twice to login to your account. This additional security makes it near impossible for anyone to access your account without having physical access to your phone. For more information on how to setup 2 Factor Authentication for you account, read this article.
Collaboration Protection
HitSend allows you to use multiple ways to collaborate, however, the more active links that a project has the easier it is for someone to gain access. To mitigate this risk, delete any Project Invite links that are used, and add password restrictions to your Playlist Links.
In addition, you can restrict downloads for Playlist Links and Project Members as well to prevent anyone from gaining access to files even if a link gets breached
Encryption and Data Privacy
Files at rest are encrypted With 256 bit Advanced Encryption Standard
SSL/TSL encrypted pipelines using 128 bit or higher encryption.
No financial data or credit card numbers are by HitSend
Client side communication and sessions are verified on the server side
Passwords are one way hashes
All account information is encrypted and secured
Master key access is restricted even from employees
HitSend does not distribute or share any of your private information, account details and assets, or sell user data and stats to any 3rd parties.
In the event of a security breach or loss of data, you will be immediately notified by HitSend. We will recover any lost data as quickly as possible and publish an incident report that will be made available to you.