HubLink uses a variety of operational methods and technology solutions to secure user data and transaction information. We've outlined these below.
HubLink uses a "bug bounty" system, managed by Bugcrowd, to identify security vulnerabilities in real time. To learn more about crowdsourced security, and its advantages over traditional penetration testing, please visit https://www.bugcrowd.com/who-we-are/how-it-works/
Individual accounts are entirely siloed from one another. No user can see another user's account information. All new user accounts must be accepted by the primary account admin before that user has access to a boat owner's inventory, rates, &c. or an operator's agreements.
Here are two scenarios that outline this in greater detail.
John Doe at XYZ Charters sets up XYZ Charters' HubLink account. As a result, he becomes the account's primary administrator.
Jane Doe at ABC Vessels, an XYZ competitor, downloads HubLink and attempts to join the XYZ Charters account as a new user. When this happens, John is asked to approve or disapprove the new user.
John doesn't recognize Jane as an employee of XYZ Charters and refuses to grant her access to the account.
When she doesn't get access to XYZ Charters' account, Jane attempts to set up an operator account instead. She hopes this will give her access to XYZ's information.
After she logs in for the first time, Jane can see the following information:
- XYZ Charters' fleet's available inventory.
Unavailable and hired boats are hidden from operator view.
- Spec sheet and location data for these vessels.
This information is already publicly available online.
No real-time or historical rate information appears on the operator side of HubLink.
Jane could also try to hire XYZ Charters' available vessels or message XYZ Charters. In both cases, the XYZ account admin could either (a) deny requests and/or (b) ignore messages.
If this activity became abusive, XYZ could report it to HubLink admins who would cancel both Jane's accounts.