Zero-touch credential architecture means we cannot read your API keys — not that we promise not to. AES-256-GCM encryption, OWASP pen-tested, SSH MFA enforced, CSP hardened. Here's exactly how it works.
Integration API keys and tokens are encrypted with AES-256-GCM before they're stored. The encryption key is derived per-tenant. We structurally cannot decrypt your credentials — it's not a policy, it's architecture.
All storage volumes are encrypted with LUKS AES-256 at the disk layer. All sensitive credentials within the application are additionally encrypted with AES-256-GCM at the application layer. Two independent encryption layers.
All traffic — admin, portal, API, tenant subdomains — is served over TLS 1.2 minimum. HTTP is not available. HSTS enforced. Certificate renewal is automated and monitored.
TOTP-based MFA is required for all admin portal access and all SSH access to infrastructure servers. There is no bypass path. Secrets are stored in server-side environment files, never in application config.
All Quad Digital web properties are deployed with a strict Content Security Policy — no unsafe-inline for scripts or styles, no data: URIs, frame-ancestors restricted. Enforced at the web server layer, not the application.
Each institution operates in a fully isolated PostgreSQL database. Credentials, configurations, user records, and audit logs are completely separated. There is no shared schema between tenants. Cross-tenant access is structurally impossible.
When a tenant administrator configures an integration — Canvas, Banner, Microsoft 365, anything — the credential never touches our application in plaintext after the initial submission. Here's the exact flow from entry to storage to use.
The result: your integration credentials are available to the platform to make API calls on your behalf, but are structurally inaccessible to Quad Digital staff, support engineers, or anyone else who might query the database.
We conduct web application penetration testing against the QuadHub platform from a dedicated testing instance on our infrastructure. The most recent full scan returned zero Critical and zero High severity findings. Medium and Low findings are tracked and remediated on a defined schedule.
Penetration testing is conducted against the full platform stack — web application, API endpoints, authentication flows, and admin interface — not a subset.
We're happy to walk through the security architecture in detail with your IT security team or compliance officer. No slides required — just a technical conversation.