Security and compliance features
Learn about our robust security and compliance features, including GDPR compliance, SOC 2 certification, custom password policies, and SAML SSO, to safeguard your data, protect user privacy, and foster trust with your stakeholders.
Strengthening trust and confidence
Data security and compliance are paramount in today's digital landscape, especially when it comes to user research. At UsabilityHub, we prioritize the protection of your data through our robust security and compliance features, including GDPR compliance, SOC 2 certification, custom password policies, and SAML SSO. Below, we share how these features work in UsabilityHub.
How security works and why it’s important
Let’s explore the security and compliance features in UsabilityHub, providing use cases and examples to demonstrate their practical applications and benefits.
Security Assertion Markup Language Single Sign-On (SAML SSO)
SAML SSO is an authentication and authorization mechanism that enables users to access multiple applications and services with a single set of login credentials. SAML SSO works based on a trust relationship between an identity provider (IdP) and service providers (SPs).
UsabilityHub supports the two most common identity providers, Okta and Azure AD, and can also work with enterprise customers to support additional identity providers as needed.
SAML is available to all UsabilityHub customers on an Enterprise plan, providing you with seamless access to various applications while maintaining strong security controls.
An example of where this feature would be beneficial is an enterprise with multiple user research teams. By integrating SAML SSO, team members can securely access UsabilityHub using their existing corporate credentials, streamlining authentication processes and ensuring consistent access controls across the organization.
Custom password policies
With UsabilityHub's password complexity rules, you can reinforce the security of user accounts on our platform, which is particularly useful for enterprise customers that don’t use SSO.
These rules let you set specific password requirements, such as length, complexity, and special characters, so that your user accounts are protected against unauthorized access and potential data breaches.
If your company has a password policy, these rules help you use UsabilityHub while still conforming to your security standards.
System and Organization Controls (SOC 2) compliance
SOC 2 is a robust auditing procedure designed to ensure that we, as your service provider, prioritize the secure management of data, safeguarding the interests of your organization and the privacy of your clients.
UsabilityHub possesses a SOC 2 Type II certification that encompasses the trust service principles of security, availability, and confidentiality. Each year, we undergo an audit from an AICPA-certified firm as part of our commitment to ensuring compliance in the following areas:
- Security: The system is safeguarded against unauthorized access, both physically and logically.
- Availability: The system is available for operation and use as committed or agreed.
- Confidentiality: Confidential information is diligently protected in accordance with agreed-upon measures.
By implementing these comprehensive security controls and adhering to industry best practices, we want you to feel assured that your data is in safe hands.
If you’re conducting sensitive user research, you can leverage our SOC 2-certified platform and demonstrate to your clients and auditors that you’re partnering with a secure and compliant user research provider, instilling trust and confidence in your data protection practices.
Customers or potential customers interested in obtaining a copy of our SOC 2 report can contact us.
General Data Protection Regulation (GDPR) compliance
GDPR is a comprehensive EU law introduced to safeguard the personal data and privacy of European Union citizens. It establishes guidelines for responsible storage and handling of personal information, consent procedures, rights to correction and erasure (the right to be 'forgotten'), data breach response and reporting, and more.
For example, say you work at a software company based in the Netherlands and conduct user tests using UsabilityHub. By leveraging our GDPR-compliant features, you can easily obtain participant consent, define data retention policies, and demonstrate compliance with GDPR regulations to protect user privacy.
We’re committed to providing a secure and reliable user research platform
At UsabilityHub, security and compliance are at the core of our platform. Our robust security measures, in combination with our commitment to data protection regulations, ensure that your sensitive user research data is safeguarded throughout its lifecycle.
Trust UsabilityHub to protect your data and enable secure and compliant user research experiences.
Frequently asked questions
Does UsabilityHub undergo regular security audits?
Yes, we undergo an annual audit from an AICPA-certified firm. This audit covers various aspects, including security, availability, and confidentiality, ensuring that our system is protected against unauthorized access and that your data is handled responsibly.
What measures does UsabilityHub take to protect the confidentiality of data?
UsabilityHub ensures the confidentiality of your data through strict access controls, encryption mechanisms, and robust security practices. Our systems and infrastructure are designed to protect against unauthorized access and safeguard the sensitive information you entrust to us.