As users of our own product, we understand how important the security and privacy of your data is. Keeping our customers’ data secure is the most important thing that IDoneThis does.
Please see below for more detailed information on our practices:
Credentials that you use to connect to IDoneThis are protected with bank-level encryption. We always use https or SSL where possible (both via https://idonethis.com and external API services)
All transmissions to IDoneThis are encrypted at 256-bit and sent through TLS 1.2, adhering to the FIPS 140-2 certification standard.
All data from IDoneThis is always encrypted in transit using 256-bit too when it is possible.
Our API and application endpoints are TLS/SSL only and score an “A” rating on SSL Labs’ tests. This means we only use strong cipher suites and have features such as HSTS and Perfect Forward Secrecy fully enabled.
All of our services run in the cloud. IDoneThis does not run our own routers, load balancers, DNS servers, or physical servers.
Our servers are located in Amazon’s AWS data centers. They’ve devoted an entire portion of their site to explaining their security measures, which you can find here. Server architecture is based on RDS Multi A-Z which provides high availability and failover support for DB instances using Multi-AZ deployments. Amazon RDS uses several different technologies to provide failover support. In a Multi-AZ deployment, Amazon RDS automatically provisions and maintains a synchronous standby replica in a different Availability Zone.
Amazon RDS creates and saves automated daily backups. Amazon RDS creates a storage volume snapshots. Backup depth is 7 days.
For any concern about security, please contact us here, we’ll be super happy to provide all information you need.