The Security of Your Data

AES 256 Encryption

This standard is approved by the US government for encryption of top secret data. Each account has a unique key based on a cryptographically secure random number. Keys are stored in a secured database in binary form and access to the key database is strictly controlled.

Encrypted Information

Critical information like email accounts, usernames, passwords, and task information is all encrypted.

Rotating Tokens

Access tokens can be invalidated and reissued in the event that an account is compromised.

Frequent Concerns

1

What if EasilyDo gets hacked?

Usually, hacking means someone gets user login information and access to user data. We invalidate the token (as mentioned in the second section above) for the affected account(s) and request users to re-login to their accounts. User security keys are also never transferred over wire to mobile clients.

2

What happens if my data is compromised?

If EasilyDo's database is compromised, we will invalidate compromised security keys and re-issue new keys to the affected accounts.

3

What do these security measures mean for my data?

User data (email tokens, passwords, task data) are encrypted with the strongest algorithm. The keys database is isolated with strict access-controls. The data is encrypted at rest and decryption of data happens only when user requests the data.

4

How is my data safe?

EasilyDo takes security seriously. Critical data is encrypted at rest and in transit. In addition to strong algorithms, we also have strict access control policies. Access to the keys is limited to a handful of administrators and all access to the database is logged and monitored.