MyHub safeguards your intranet with enterprise-level security
MyHub safeguards your intranet with enterprise-level security. All data is encrypted in transit and at rest, with automated daily backups to ensure nothing is lost. Combined with secure hosting and regular monitoring, your site stays protected, reliable, and compliant with global standards.
A core strength of MyHub’s security model is the isolation and protection of customer data. Each MyHub instance is separated at the application level, and all uploaded files are stored in secure, customer-specific folders that cannot be accessed by any other tenant. Access to pages, files, and administrative features is governed through granular, role-based permissions. Administrators can also enforce Multi-Factor Authentication when using Microsoft 365 single sign-on, adding an additional barrier against unauthorised access.
All connections to MyHub are protected using modern cryptography. Page and file access is encrypted and authenticated using AES_128_GCM, with DHE_RSA used as the key exchange mechanism—ensuring confidentiality, integrity, and forward secrecy during data transmission. This protects against interception and guarantees that only intended users can access your content.
MyHub also maintains a strong data resilience strategy through frequent, encrypted backups. We take four backups per day, capturing database content, configuration data, and file storage. These backups are retained for six days and are co-located across secure data centres in both the United States and the United Kingdom. This geographic redundancy ensures continuity even in the event of a regional disruption. Backup storage is encrypted, access-restricted, and monitored, and all backup management actions—such as manual S3 purges—are logged to provide a complete audit trail.
Data Retention Policy
MyHub follows a documented data retention and purge policy designed to meet privacy regulations and minimise security risk. All customer and personal data is categorised according to its purpose and required retention period. Throughout its lifecycle, data remains encrypted, access-controlled, and securely backed up. Data is retained only for as long as it is needed to deliver the service or meet contractual or legal obligations.
When a customer instance expires—or when data otherwise reaches the end of its retention period—it is removed through a controlled and secure destruction process. A scheduled deletion job removes application configuration data, database records, and static files. Database backups are automatically purged according to policy, while file backups undergo a weekly manual purge that is logged for traceability. These measures ensure data cannot be recovered once removed and enforce compliance with privacy and regulatory requirements. All retention processes are routinely reviewed to maintain alignment with best practices.
Data Storage Policy
Customer data is stored securely within encrypted cloud storage and database environments. Each customer’s data is isolated from others through application-level segregation and folder-level security. Access is governed exclusively by MyHub’s permissions model, ensuring only authorised users within your organisation can see or interact with your content. Stored data remains encrypted, monitored, and protected by strict access controls at all times.
How We Host Customer Data
MyHub is fully hosted within a trusted global cloud platform that maintains leading security certifications. Hosting environments implement strong physical and digital safeguards, including controlled access, environmental protections, and continuous monitoring. Administrative access to hosting systems is restricted to senior authorised personnel, ensuring customer environments remain secure and stable.
Reporting Security Issues
Users can report any potential security concerns directly to our dedicated security team at support@myhubintranet.com, where issues are triaged and managed under our formal incident response process.
MyHub’s layered approach—secure hosting, isolated storage, strong encryption, MFA options, structured permissions, continuous encrypted backups, and a rigorous retention and purge framework—ensures your data is protected at every stage. Our security posture is continually reviewed, tested, and strengthened to meet evolving standards and customer expectations.