free yourself from the boring stuff in life

security guides

our security your safe security tips the safe - lets be clear

Securing personal data
my easy diary has an SSL cerfiticate (as all websites handling personal details should) which 'scrambles' any information over the Internet between the user's computer and the website's computers. This is what makes entering personal data or viewing bank statements over the Internet secure, and is shown by a little padlock symbol somewhere on the browser. When a website receives personal information it gets unscrambled and stored. Users then rely on the owners of the website to ensure their computer servers are secure, and that personal data is not misused. Therefore, companies need to consider both the physical security and the online security of the computers, and what it will and won't do with the data. What we will and won't do with your data is covered in our plain language promises, physical and online security is answered below.

point

Physical security
Controlling physical security to a machine is important since knowledgeable computer 'geeks' can try a number of things to get access to personal data. People trust big names to do this - so we did the same. We went with a world class company to look after our servers - RackSpace. Rackspace provide "Keycard protocols, biometric scanning protocols and round-the-clock interior and exterior surveillance monitor access to every one of our data centers." That should just about do it. A nuclear bomb might be the only thing to knock out the site, but even then backups are taken every day and stored in another of their sites.

point

Online security
This is a key question, and most people have 'hackers' in mind - those people who seem to be able to defy even the biggest organisations and exploit weaknesses. In my easy diary you have the option create a safe to hold sensitive information. Key information in the safe is encrypted when stored to stop us seeing it - see below. Understand your security by reading our safe - lets be clear guide.

point

Encrypting your data
The security of your sensitive data depends on the encryption, so we went for encryption developed by the finest minds in the world backed by international agencies. As with everything - we use the best that we can. Using the best encryption techniques, even the most powerful computer to date would take millions of years to 'break' (no joke). And as soon as mathmeticians find the slightest weakness and a better solution comes along, we are able to update our code in response so that when you save your data its the safest it can be. We have made a substantial investment in ensuring our implementation is correct.

[For the techies - in the safe we use SHA-256 together with AES (CBC) to encrypt the data. The data is salted using user details along with the password (there is no blanket-wide information used in the encryption).]