Our Culture of Security

Security is the foundation for everything we do at Hummingbird.

Get in Touch

We cultivate a culture of security at Hummingbird through ongoing education and appropriate personnel controls. Our security practices begin well before we consider making a candidate a job offer, and continue on past the point where we part ways with an employee. Every member of the Hummingbird team receives regular training, and access to sensitive systems is granted on a very restrictive basis.

  • Background checks
  • Strong password requirements
  • Ongoing training & certifications
  • Carefully controlled permissions
  • Code of conduct
  • Expert consultants & advisors

We secure the development of our apps through a combination of automated testing, mandatory peer reviews, and third party testing. Our service is monitored for vulnerabilities, and we maintain a bug bounty program. All code changes are carefully reviewed and tested before they can be merged and deployed to our staging and sandbox environments. After additional live testing, changes may be merged to our production environment. We can roll changes back easily and quickly.

  • Access management & reviews
  • Penetration testing
  • Vulnerability scanning
  • XSS, XSRF, and SQL Injection protections
  • Bug bounties

Keeping data secure is a top priority throughout our company. Encryption, access controls, system architecture design, and a culture of security among personnel all play roles in our approach to data security.

  • Data encrypted in transit & at rest
  • TLS 1.2 for all transmissions
  • Unique encryption key per customer
  • Data classification matrix
  • Access restrictions