BUILT FOR FLEETS WHO READ THE FINE PRINT.
Designed with strong tenant isolation, encryption, and audit logging from day one. Not bolted on later.
Multi-tenant isolation
Every record is scoped to a single Carrier and never readable across accounts. Row-level enforcement on the database with application-layer guards as the second line of defense.
Encryption at rest
Industry-standard AES-256 encryption for all stored data, including load photos, manifest images, and per-load records. Database backups encrypted with managed keys.
Encryption in transit
TLS 1.2+ for every connection between client and server. HSTS enforced. No mixed content. Strict CSP on the marketing site.
Multi-factor authentication
Required for owner and admin roles. Strongly recommended for dispatchers. Driver accounts use device-bound authentication on the iOS application.
Role-based access
Owner, admin, dispatcher, and driver roles, each with the minimum permissions needed. Joiner / leaver process for staff with documented offboarding.
Audit logging
Every sensitive action (job created, driver assigned, photo uploaded, account changed) is logged with user, timestamp, and source IP. Logs retained 13 months.
Signed upload URLs
Driver photos and manifests upload directly to encrypted storage via signed, time-limited URLs. No multipart bodies hit our backend.
Daily backups, point-in-time recovery
Daily managed-database backups, with point-in-time recovery to any minute in the prior 7 days. Recovery time objective: 24 hours. Recovery point objective: 1 hour.
ARCHITECTURE BUILT FOR ISOLATION
Row-level Carrier isolation
Each Carrier's data is strictly isolated through row-level filtering on every read and write. There is no multi-tenant data mixing. One Carrier's loads, drivers, trucks, and records are never accessible to another, by anyone, including Howdy Dispatch staff.
Authentication with MFA support
User authentication runs on an industry-standard identity provider with multi-factor support. MFA is required for owner and admin roles and strongly recommended for dispatchers. All API requests are validated against signed tokens on the backend.
Signed-URL upload flow
Driver photos and manifest images upload directly to encrypted object storage via signed, time-limited URLs. The backend never accepts multipart bodies for user-uploaded files. This narrows the attack surface and removes a class of file-handling vulnerabilities.
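The flow described above, as an added sketch that is not Howdy Dispatch's own code: the backend mints a short-lived PUT URL pinned to one Carrier's prefix, and the storage edge checks it without the file ever passing through the backend. The HMAC scheme, key, host, path layout and parameter names are assumptions; managed object stores ship their own presigning format.

```python
import hashlib
import hmac
import re
import time
from urllib.parse import parse_qs, urlencode, urlparse

SIGNING_KEY = b"constructed-demo-key"  # assumption: real key lives in a secret store
UPLOAD_HOST = "https://uploads.example.invalid"  # hypothetical storage endpoint
_SAFE = re.compile(r"[A-Za-z0-9_-][A-Za-z0-9._-]*")  # no slashes, no leading dot


def _sign(method, path, expires, max_bytes):
    msg = f"{method}\n{path}\n{expires}\n{max_bytes}".encode()
    return hmac.new(SIGNING_KEY, msg, hashlib.sha256).hexdigest()


def issue_upload_url(carrier_id, load_id, filename, ttl=300, max_bytes=10_000_000, now=None):
    """Backend: mint a PUT URL pinned to one carrier's storage prefix."""
    for part in (carrier_id, load_id, filename):
        if not _SAFE.fullmatch(part):
            raise ValueError(f"unsafe path component: {part!r}")
    expires = (int(time.time()) if now is None else now) + ttl
    path = f"/carriers/{carrier_id}/loads/{load_id}/{filename}"
    query = urlencode({"expires": expires, "max_bytes": max_bytes,
                       "sig": _sign("PUT", path, expires, max_bytes)})
    return f"{UPLOAD_HOST}{path}?{query}"


def verify_upload(method, url, body_len, now=None):
    """Storage edge: accept only untampered, unexpired, size-bounded requests."""
    now = int(time.time()) if now is None else now
    parsed = urlparse(url)
    q = parse_qs(parsed.query)
    try:
        expires, max_bytes = int(q["expires"][0]), int(q["max_bytes"][0])
        sig = q["sig"][0]
    except (KeyError, ValueError):
        return "malformed"
    expected = _sign(method, parsed.path, expires, max_bytes)
    if not hmac.compare_digest(expected.encode(), sig.encode()):
        return "bad-signature"  # method, path, expiry or size limit was altered
    if now > expires:
        return "expired"
    if body_len > max_bytes:
        return "too-large"
    return "ok"
```

Because the Carrier prefix, HTTP method, expiry and size limit are all inside the signed message, a client holding a valid URL cannot retarget it to another Carrier's path or extend its lifetime.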
Daily backups, 1-hour RPO target
Managed-database backups run daily with point-in-time recovery to any minute within the prior 7 days. Object-storage versioning protects against accidental deletion of load photos. Our recovery time objective is 24 hours and our recovery point objective is 1 hour.
What we are not (yet)
We believe an honest security page is more useful than a misleading one. Howdy Dispatch is not currently SOC 2 Type 1 or Type 2 certified; we are operating to SOC 2 principles and intend to pursue Type 1 within 12 months of public launch. We are not ISO 27001 certified. We are not a PCI Level 1 service provider; subscription checkout is handled by Stripe under their PCI compliance. We are not registered with FMCSA as an Electronic Logging Device.
Carriers who require additional detail (named vendors, control narrative, audit reports) can request a security package under NDA through our contact form or by emailing hello@howdydispatch.com.
