Your hub is, by default not accessible via the outside world unless you port forward it. Which we do not recommend at all.
You choose what you want to put on dashboard. And can secure it as you see fit. Only the cloud dashboard links are relayed via our secure cloud relay and not directly from your hub.