010110.png

We take security very seriously

From our insistence on hosting UpLink only in SOC, HIPAA, and FIPS certified data centers, to our rigorous set of internal controls—everything about our platform was designed from day one with security in mind, because ensuring that your data is secure is our top priority.
SecurityHeroImage.png
Encrypted.png
Encryption
Data is encrypted in transit and at rest using the most secure algorithms available.
2FA.png
Two Factor Authentication 
All internal accounts require two-factor authentication to mitigate the risk of unauthorized access.
LeastPrivilege.png
Principle of Least Privilege 
Only strictly required access is granted to accounts and personnel to minimize risk. 
ZeroTrust.png
Zero-Trust Architecture
UpLink was architected from the beginning with security in mind. We employ a zero-trust security model, which means that no components or systems can communicate with each other without specific authorization and authentication.
Cloud.png
Self-Hosted and Tokenized Data Options
In Enterprise editions, UpLink can be configured with a self-hosted or third party data storage layer so that files never touch UpLink servers or infrastructure.  You and your client interact with UpLink directly, but the files are stored on independent infrastructure, much like an e-commerce site uses a third-party payment processor like Stripe for credit cards.
Alert.png
Automated Security Checks
All code, libraries and operating systems are regularly scanned for vulnerabilities and patches or updates are made to mitigate identified security issues. 
Shield.png
Continuous Security Monitoring & Threat Detection
We leverage modern AI tools and run continuous monitoring on our infrastructure. Threat detection monitors for malicious activity and anomalous behavior to keep systems and data secure.
Document.png
Tiered Security Model
UpLink makes it easy for your clients to submit data without signing up for an account through a secure link, but any changes to data or viewing of uploaded files can only be performed by a user with a registered account.
Password.png
Account Level Security
All accounts must meet minimum requirements for password complexity. Account sessions are protected through inactivity timeouts.
Review.png
Regular access reviews
Access to systems and accounts is regularly reviewed to ensure no personnel have inappropriate access to systems or data.