top of page

UpLink Security

When requesting and transmitting sensitive client documents, security is paramount.  At UpLink, we employ state-of-the-art security measures and undergo regular security reviews from third party security firms to ensure the highest level of data protection.

SOC 2 Certified

UpLink security practices and controls have been independently audited by experts.


Data is encrypted in transit and at rest using the most secure algorithms available.

Zero Data Retention

None of the data you upload is ever used to train AI models and isn't retained by us or any third party once you delete it.

Two Factor Authentication 

 All internal accounts require two-factor authentication to mitigate the risk of unauthorized access.

Zero-Trust Architecture

UpLink was architected from the beginning with security in mind. We employ a zero-trust security model, which means that no components or systems can communicate with each other without specific authorization and authentication.

Self-Hosted and Tokenized Data Options

In Enterprise editions, UpLink can be configured with a self-hosted or third party data storage layer so that files never touch UpLink servers or infrastructure.  You and your client interact with UpLink directly, but the files are stored on independent infrastructure, much like an e-commerce site uses a third-party payment processor like Stripe for credit cards.

Principle of Least Privilege 

Only strictly required access is granted to accounts and personnel to minimize risk. 

Automated Security Checks

All code, libraries and operating systems are regularly scanned for vulnerabilities and patches or updates are made to mitigate identified security issues. 

Continuous Security Monitoring & Threat Detection

We leverage modern AI tools and run continuous monitoring on our infrastructure. Threat detection monitors for malicious activity and anomalous behavior to keep systems and data secure.

Secure Links for Client Login

UpLink leverages secure links for client authentication. This is more convenient for clients and more secure because terminated client users can no longer access UpLink once their IT department shuts off e-mail access.  Read more.

Account Level Security

All accounts must meet minimum requirements for password complexity. Account sessions are protected through inactivity timeouts.

Regular access reviews

Access to systems and accounts is regularly reviewed to ensure no personnel have inappropriate access to systems or data.

bottom of page