Dispatch Stream Dispatch Stream
Last updated: March 28, 2026
Security

Security controls for logistics teams.

Security is built into how Dispatch Stream, LLC ("Dispatch Stream", "we", "us", "our"), an Illinois limited liability company, is designed, operated, and supported so you can focus on moving freight.

This page is for transparency only and does not create warranties or modify the Terms of Service. Use of the Service is subject to the Terms of Service, including limitation of liability.

Request security overview Legal hub
See also: Terms | Privacy | Cookies

Security controls snapshot

  • Google Cloud + Firebase infrastructure with managed controls.
  • TLS 1.2+ in transit and encryption at rest.
  • Passkeys, text-message recovery, App Check, and secure session enforcement.
1

Security standards and infrastructure

Dispatch Stream is built to align with industry best practices and cloud security standards. Formal documentation and assurance summaries are available on request.

Controls aligned with SOC 2 principles

Operational controls are designed to support security, availability, and confidentiality principles. We are not currently SOC 2 certified; a security overview can be shared under NDA.

Google Cloud + Firebase

Core services run on Google Cloud, including Firebase Hosting, Cloud Functions, Firestore, and Storage with managed security baselines.

Encryption by default

Data is encrypted in transit with modern TLS and at rest using industry-standard encryption provided by Google Cloud.

2

Trust and reliability

Incident response and support

Critical issues are prioritized based on plan and severity. Customers can reach support quickly to resolve outages, access concerns, or data issues.

Critical issue escalation Release rollbacks Operational playbooks

Operational practices

We monitor service health, review access logs, and maintain backups to support recovery. Security reviews are part of our release workflow.

Monitoring and alerting Backup verification Dependency reviews
3

Secure-by-design controls

Access control

Role-based privileges, admin-only actions, and company isolation are designed to restrict access to authorized users within the correct tenant.

Session protection

Passkey-first sign-in, text-message recovery, idle timeouts, secure cookies, CSRF protection, and App Check protect sessions and reduce abuse. Passkeys use device-managed cryptographic credentials, and Dispatch Stream does not receive raw biometric or PIN inputs.

Integration grant handling

Provider connection grants and tokens are handled server-side. For OAuth-based accounting integrations such as QuickBooks, tokens are encrypted in storage and the active provider authorization is revoked when you disconnect the integration.

Auditability

Security-sensitive actions are logged to support review, response, and compliance workflows.

Submission metadata logs

Upload-link workflows can record confirmation and submission metadata to support customer-configured security, review, and recordkeeping workflows.

4

Tenant isolation and data stewardship

Multi-tenant isolation

Company data is logically separated and access is enforced server-side, so users only see the data they are authorized to access.

Backups and recovery

We maintain backups and disaster-recovery procedures designed to reduce data loss risk in the event of an incident.

5

Status updates and transparency

Uptime status updates and security documentation are available on request. Reach out to support and we will share the right materials for your security review.

Need security details?

Email support@dispatchstream.com to request security procedures, certifications, or incident response details.