Security overview
Last updated June 24, 2026
Our approach
We keep the books for accounting firms and their clients, so protecting your financial data is central to how LedgerHub is built — not an afterthought. This page summarizes the technical and organizational measures we use. If you have a question, see “Reporting a concern” at the bottom.
Encryption
All traffic to and from LedgerHub is encrypted in transit with TLS (HTTPS), and HTTP Strict Transport Security is enforced so browsers will not fall back to an unencrypted connection.
The most sensitive secrets we hold — your linked-bank access tokens, two-factor and authenticator secrets, and payment-provider keys — are encrypted at the field level with AES-256-GCM before they are written to the database, using keys held only on the application host.
Authentication & access
- Passwords are stored only as salted, one-way hashes — never in plaintext.
- Passwordless sign-in with passkeys (Face ID, Touch ID, or a security key) via WebAuthn.
- Two-factor authentication with authenticator apps (TOTP) and one-time email codes, with optional trusted devices.
- Role-based permissions — only Owner and Accountant roles can post or change financial records; client-portal access is limited to viewing and uploading.
- Per-user company access and strict multi-tenant isolation, so each set of books is visible only to the people granted access to it.
Bank connections (Plaid)
Bank and card feeds are powered by Plaid. When you connect an account, you enter your bank credentials directly with Plaid — they never pass through or get stored on LedgerHub. We receive only a Plaid access token (encrypted, as above) and read-only transaction and balance data. These connections cannot be used to move money.
Payments (Stripe & PayPal)
Invoice payments are processed by Stripe and PayPal. Card details are entered on their secure, PCI-compliant systems; LedgerHub never sees or stores full card numbers.
Hosting & infrastructure
LedgerHub runs on Amazon Web Services — application compute plus an Amazon RDS for MySQL database — in the United States, behind Cloudflare for TLS termination and network protection. Each deployment is dedicated to the operating firm.
Subprocessors & compliance
LedgerHub is operated by I&S Accounting Services and is not itself SOC 2 certified. Instead, we build on infrastructure and service providers that are independently audited, and we follow the practices described on this page. The providers we rely on, and their attestations, are:
| Provider | Purpose | Compliance |
|---|---|---|
| Amazon Web Services | Application hosting and database (Amazon RDS for MySQL) | SOC 2 Type II · ISO 27001 · PCI DSS |
| Cloudflare | TLS termination, CDN, and network / DDoS protection | SOC 2 Type II · ISO 27001 |
| Plaid | Bank-account connections and transaction feeds | SOC 2 Type II |
| Stripe | Card payment processing for invoices | PCI DSS Level 1 |
| PayPal | PayPal payment processing for invoices | PCI DSS Level 1 |
| Resend | Transactional and invoice email delivery | Built on AWS SES |
| Anthropic | Optional AI features (categorization, “Ask your books”) | SOC 2 Type II |
The optional AI features (bank-feed categorization and “Ask your books”) use the Anthropic API over a limited, read-only set of your reports. Data sent to the API for these features is not used to train models.
Your data is yours
You own your books. At any time you can export your full chart of accounts, transactions, and financial statements to CSV and Excel from the admin tools, and take them with you if you ever leave. There is no lock-in.
Backups & availability
We run automated database backups so your records can be restored, and we monitor a health endpoint continuously to catch problems early.
Reporting a concern
If you believe you have found a security issue, please contact us at [email protected] so we can look into it promptly. We appreciate responsible disclosure.
