We provide this overview so that you can better understand the security measures we’ve put in place to protect the information that you store using MyDocSafe.
We encrypt the files that you store on MyDocSafe using the AES-256 standard, which is the same encryption standard used by banks to secure customer data. Encryption for storage is applied after files are uploaded.
MyDocSafe uses Amazon S3 for data storage using exclusively its data centres in Ireland for European users and a US data centre for the North American users. Amazon stores data over several large-scale data centres. According to Amazon, they use military grade perimeter control berms, video surveillance, and professional security staff to keep their data centres physically secure.
You can find more information about Amazon’s security at the Amazon Web Services’ website.
Amazon also employ significant protection against network security issues such as Distributed Denial of Service (DDoS) attacks, Man in the Middle (MITM) attacks, and packet sniffing.
Your files are sent between MyDocSafe’s desktop clients and our servers over a secure channel using 256-bit SSL (Secure Sockets Layer) encryption, the standard for secure Internet network connections.
Data sent using MyDocSafe email address is currently unencrypted, although we plan to add encryption in due course.
Your Data is Backed Up
Amazon keeps redundant backups of all data over multiple locations to prevent the remote possibility of data loss. You can set up a separate backup, should you so wish, by instructuring us to do so.
We guard your privacy to the best of our ability and work hard to protect your information from unauthorised access.
Compliance with Laws and Law Enforcement
How to Add Your Own Layer of Encryption to MyDocSafe
MyDocSafe applies encryption to your files after they have been uploaded, and currently manages the encryption keys. Users who wish to manage their own encryption keys can apply encryption before placing files in their MyDocSafe. Please note that if you encrypt files before uploading them it will be impossible for us to recover your data if you lose your encryption key. Alternatively, uses can instruct MyDocSafe to issue them with their encryption keys, to keep them separate from the main server or to escrow them with a third party. To find out more please see our encryption key management service.
I think I’ve found a security exploit. Where do I report security concerns?
We take a number of measures to ensure that the data you store on MyDocSafe is safe and secure. While we’re very confident in our technology, we recognise that no system can guarantee data security with 100% certainty. For that reason, we will continue to innovate to make sure that our security measures are state of the art, and we will investigate any and all reported security issues concerning MyDocSafe’s services or software. For a direct line to our security experts, report security issues to daniel@MyDocSafe.com.
We will fully credit anybody whose reports lead to the improvement of MyDocSafe security. A list of those who have contributed reports leading to a bug or security issue can be published on our special ‘thank you’ page.