# Security ## Encryption PostLab uses several layers to ensure your data is only available to you. PostLab, Drive, and our Drive partners LucidLink and Wasabi all have independent pen-tested encryption protocols in place. All authentication layers are required to work together *simultaneously* before PostLab's contents can be accessed. All communication between PostLab's client and server clusters is fully encrypted and runs over HTTPS. At rest, all data is encrypted. ## Access Assets on Drive can only be accessed by: * Team Members * Drop Off and Pick Up services * The PostLab Support account, added on-demand, by invitation only. If you require complete control over when PostLab's system administrators and services may access your Drive, [we can set up Drive to use with your own S3 object store,](/postlab-classic/drive/bring-your-own-storage.md) enabling you to allow or revoke access on your own terms. ## The Details ### PostLab Drive Drive utilizes LucidLink's Filespaces technology, which uses authenticated encryption (AES-256 in GCM mode) for data in transit and at rest. As an added layer of security, a Drive cannot be mounted without first having authenticated as a PostLab user, and then team. ### Hedge Internal Policies PostLab and Drive are products of Hedge. Hedge Team Members incorporate information security best practices to keep company data secure, including... * Encrypted contents of local workstations * Encrypted password and token management * Enabling two-factor authentication (2FA) on all external services Employee access to all shared resources is tracked and monitored. No financial data or credit information is stored in any system owned or maintained by Hedge. Paddle and Stripe are used to manage billing and payments. If a data breach occurs, we are transparent about its extent and impact, taking all necessary measures to secure and recover any data. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.hedge.video/postlab-classic/security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.