Accessibility or Data Protection? We deliver both.

Orderhive keeps all your data
secure and handy

Secured access to your data from anywhere in the world via mobile devices, tablets, or a computer.

Try Orderhive free!

Orderhive is SOC1 Certified

Orderhive has a SOC1 Type I report. Our SOC 1 report attests to the controls we have in place governing the availability, confidentiality and security of customer data as the map to Trust Service Principles (TSPs) established by the American Institute of Certified Public Accountants (AICPA).

Application Security

In-Transit Encryption

Sessions between you and your Orderhive application are protected with an in-transit encryption using 256-bit or better keys and TLS 1.0 or above. Users with modern browsers will use TLS1.2 or 1.3.

Web Application and Network Firewalls

Orderhive monitors potential attacks with several tools, including a web application firewall and network-level firewalling. In addition, Orderhive contains Distributed Denial of Service (DDoS) prevention defenses to help protect your Orderhive.

Software Development Lifecycle (SDLC) Security

Orderhive implements static code analysis tools and human review processes in order to ensure consistent quality in our software development practices.

Data Center Protections

Physical Security

Orderhive products are hosted with cloud infrastructure providers with SOC2 Type II and ISO 27001 certifications, among others. The certified protections include dedicated security staff, strictly managed physical access control and video surveillance.

Network Isolation

Orderhive products are hosted in a private virtual cloud which allows us to isolate database and software applications from other resources.

Communications between Orderhive services are protected by using Virtual Private Networks and encrypted network protocols. Data is encrypted at rest to help protect against unauthorized access.

Software Security

Patch Management

Orderhive’s patch management process identifies and addresses missing patches within the product infrastructure. Server-level instrumentation ensures tracked software packagesm, use the appropriate versions.

Security Incident Response

Orderhive security incident process flow and investigation data sources are pre-defined during recurring preparation activities and exercises and are refined through investigation follow-ups. We use standard incident response process structures to ensure that the right steps are taken at the right time.

Audit, Vulnerability Assessment and Penetration Testing

Vulnerability Assessment

Orderhive tests for potential vulnerabilities on a recurring basis. We run static code analysis, and infrastructure vulnerability scans.

Penetration Testing

Orderhive leverages 3rd party penetration testing firms several times a year to test the Orderhive products and product infrastructure.

External Audit & Certification

Orderhive has obtained a SOC 1 Type I report attesting to the excellence of its controls in the domains of security, availability, and confidentiality.

API Security

Security Tokens

All the API requests must be signed using an access key ID and a secret access key which is generated using refresh token which gets expired in a certain amount of time.

Rate Limiting

The external API calls require generation of a developer account with Orderhive which generates the Application ID. All external API calls request a combination of application id, access key id and secret access key. The rate limit is strictly defined on all external API calls to prevent any security attacks.