We understand that we handle often confidential and sensitive data in our service. Therefore, security is of utmost importance to us. Below is some of the measures we employ to keep your data as safe as possible:
- Your connection to us is secure: We employ TLS-encryption throughout our website with only strong ciphers, key exchanges, protocol and certificate. See for yourself at https://www.ssllabs.com/ssltest/analyze.html?d=app.debricked.com.
- Detecting breaches: We monitor all remote logins (SSH) to our servers, with email notifications immediately being sent to relevant people on each login.
- Strict access to our servers: We employ two-factor authentication when logging in to our servers remotely (SSH) and only a handful of employees have access.
- Protecting your data: We use full filesystem encryption for the servers hosting this service, making it very hard to access the data even if the servers were physically stolen. We also have very strict access schemes to our database servers.
- Protecting your account: We hash all passwords using a well known algorithm, which makes it impossible for us, and everyone else, to know your password. Additionally, we offer two-factor authentication, making it harder to get unauthorised access to your account.
Why do we let you know all this, isn’t it insecure to release this information? No, because security through obscurity is never a legitimate way of providing security.
With our on-site solution we take no responsibility for the data security, but we still aim to provide you with the most secure environment possible.