Storing your Data
Your data is stored securely on our servers. We use military grade encryption to ensure your data is well protected. We pay special attention to security for our application and our servers.
We have an experienced team that uses the best engineering practice and tools to develop the product. We use AES 256 bit encryption and Secure Sockets Layer (SSL). NSA has approved the use of this protocol for top secret information.
Our files are stored on Amazon's Simple Storage Service (S3). Amazon S3 itself has its own robust security policy of its own. AWS’s world-class, highly secure data centers utilize state-of-the art electronic surveillance and multi-factor access control systems. Data centers are staffed 24x7 by trained security guards, and access is authorized only strictly to small set of Amazon staff members. Data redundancy through multiple geographic regions and Availability Zones allows you to remain resilient in the face of most failure modes, including natural disasters or system failures.
Some of the other key security features of Amazon AWS
- Amazon S3 is accessible via SSL encrypted endpoints.
- Data is encrypted by 256 bit AES encryption before been stored on the server.
- Amazon EC2 provides a complete firewall solution. Only explicitly opened ports are allowed with the possibility of restricting only certains IPs to access the servers.
- Amazon uses Standard Distributed Denial of Service (DDoS) mitigation techniques such as syn cookies and connection limiting.
Fetching your Data
All communication between the Client system and the Backup Server takes place through a secure SSL (Secure Socket Layer) channel. This ensures the same security level as Internet Banking. Although all the backup data is transferred through a public network (internet), nobody can obtain any knowledge of the information exchanged.
Access to Data
Our strict access controls grants access to stored data internally using the “ principle of least privilege ” through appropriate roles and only on a “need to know” basis, and manages its systems in line with security industry best practices. Our team of trusted and verified employees will not access user data for any reason unless All employees are required to act under our strict compliance guidelines. We have proper security policies in place to ensure that your files are protected from unauthorized access.
Dropmyemail recognizes the importance of security and the effort that it required. We encourage and reward responsible disclosure of any vulnerabilities to us.
Please share the details of the vulnerability to us. Please do not announce the vulnerability to the public until we are given a chance to rectify it. Once our security team has verified, your efforts will be acknowledged. Your cooperation is much appreciated.
We would like to extend our gratitude to the following researchers who helped us strengthen the security of our products.